cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Monitor SAAS for configuration flaws, while not actively monitor user behaviour

RVC
Brass Contributor

‎Oct 10 2022 01:53 AM

‎Oct 10 2022 01:53 AM

Monitor SAAS for configuration flaws, while not actively monitor user behaviour

Can we monitor cloud platform security while we do not actively monitor (and protect) user activity for the connected Cloud app?

 

In preparation for the MDCA roll-out, I want our SecOps teams to be informed about the misconfiguration of Cloud apps. But, for now, we do not want to create events about usage.

 

Is this possible?  For example, by connecting the Cloud app via an API but excluding all users from monitoring (based on the scoped deployment practice)? Will this allow the MDCA feature to discover issues in the configuration, or are those only triggered based on users' activity?

735 Views
0 Likes
3 Replies
Reply
3 Replies
Keith_Fleming

‎Oct 10 2022 08:35 AM

‎Oct 10 2022 08:35 AM

Re: Monitor SAAS for configuration flaws, while not actively monitor user behaviour

Hi @RVC,

 

I would expect if using a scoped deployment that will limit activities that are ingested but shouldn't impact misconfiguration details available through SSPM.

0 Likes
Reply
RVC

‎Oct 10 2022 10:12 AM

‎Oct 10 2022 10:12 AM

Re: Monitor SAAS for configuration flaws, while not actively monitor user behaviour

and with not impact you mean; misconfiguration will not detect OR it should be no issue to find them?

0 Likes
Reply
Keith_Fleming

‎Oct 10 2022 10:36 AM

‎Oct 10 2022 10:36 AM

Re: Monitor SAAS for configuration flaws, while not actively monitor user behaviour

@RVC I would still expect to see SSPM recommendations even with a scoped deployment.

0 Likes
Reply