SaaS Security Administrator's Guide
    : Determine the Risks Posed by Third-Party Plugins for One Marketplace App
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. SaaS Security Administrator's Guide
    4. SaaS Security Posture Management
    5. Assess Posture Security
    6. View Third-Party Plugins
    7. Determine the Risks Posed by a Third-Party Plugin
    8. Determine the Risks Posed by Third-Party Plugins for One Marketplace App
    Download PDF

    SaaS Security Administrator's Guide

    Determine the Risks Posed by Third-Party Plugins for One Marketplace App

    Table of Contents

    Determine the Risks Posed by Third-Party Plugins for One Marketplace App

    The Connected Applications tab shows the third-party plugins that are hosted in a marketplace app. Review the plugins to determine if you want to allow them in your environment.
    For an individual marketplace app instance, you can review its third-party plugins from the Connected Applications tab of the app's details page. Examine each unreviewed third-party plugin to determine if you want to allow it in your environment.
    1. Navigate to the third-party plugins for a marketplace app. Do one of the following:
      • Navigate to the third-party plugins from the dashboard:
        1. Select Posture SecurityDashboard, and locate the Applications by 3rd Party Plugins area. This area shows the marketplace apps that have the most unreviewed plugins. The area shows the number of unreviewed plugins for each app.
          Investigate each unreviewed plugin to judge whether it threatens your organization's security.
        2. For the marketplace app whose third-party plugins you want to review, click the Unreviewed Plugins link.
      • Navigate to the third-party plugins for a marketplace app from the Applications page.
        1. Select Posture SecurityApplications.
        2. Locate the SaaS app, then View Details.
        3. Select the Connected Applications tab.
    2. On the Connected ApplicationsConnected Applications tab, view the list of third-party plugins that one or more users added to the marketplace app.
      The table on this page lists the plugin applications that were connected to the marketplace app. The table displays information for each plugin, such as its severity (based on the scopes that were granted to the plugin), whether the plugin was installed for the organization or for individual users, and whether the plugin is a public or private application. The information that SSPM can display in the table depends on the type of marketplace app that is hosting the third-party plugin.
      The Status column of the table identifies which plugins were Not Reviewed. Assess these plugins to determine if they are a risk to your environment.
      To filter the table to show only certain applications, click any of the application counts displayed in the upper section of the page, such as the application severity or review status counts. In the table, you can also Add Filter to filter the table by attributes such as the application severity, review status, or accessed scopes.
      Click the table's download icon to export the table information to a CSV file. The file will contain all the applications unless you applied a filter to the table.
    3. In the Applications column, click the name of the third-party plugin that you want to review.
    4. Examine the details of the third-party plugin.
    5. Take action on the third-party plugin.
      From the Actions column, you can specify that the plugin was Reviewed, or you can Revoke Access to the plugin. From the Users tab, you can also Revoke Access for individual users (if SSPM supports the Revoke Access action for the marketplace app).

    © 2024 Palo Alto Networks, Inc. All rights reserved.