- 01 Feb 2024
- 7 Minutes to read
- Updated on 01 Feb 2024
- 7 Minutes to read
Use the Saas Applications to see a consolidated view of all SaaS applications in the Axonius Catalog (a repository of SaaS applications that you can use to evaluate potential vendors) and applications detected in your organization. The Saas Applications page delivers increased management and oversight over the various applications used in your organization. It helps security, IT, and risk teams understand:
How each application is managed
What level of security risk is posed by each application
Who is using each application
Whether their SaaS accounts are paid or unpaid
Which security standards an application is compliant with
Click the Assets icon and from the left-pane, select SaaS Applications.
The SaaS Applications page opens displaying the default view. Not all of the fields are displayed by default. Use Edit Columns to add or remove columns. Each user can customize what fields appear in their own, personalized default view. For more information, see Setting Page Columns Displays.
Click the arrow next to any of the fields to see more details about that field.
The Adapter Connections column displays the icons of the adapter connections from which this SaaS Application was seen, or the source from which Axonius draws the data for any of the displayed applications.
Axonius Catalog - A repository of SaaS applications that you can use to evaluate potential vendors. This connection includes all data from the catalog. You can use the aggregated adapter to query all of the fields from the Axonius Catalog (such as SSO, security, policies, and more) to display applications that meet your selected criteria.
Axonius Discovery- Axonius leverages its device inventory to discover SaaS application usage per device.
Axonius adapter - The Axonius adapter connection.
CSV Adapter - Application data manually uploaded to Axonius from a CSV file. For more information, see CSV - Applications.
There are many fields that you can view and query on the SaaS Applications page. This includes the following categories of fields:
These fields display static data about the application. This data is not subject to change across different user accounts. Some examples of these fields include:
- Name- Name of the application.
- Category - The industry category that defines the application type.
- Risk -An assessment of the application's potential security risks (Low, Medium, or High). For more information, see Application Risk Score.
- Compliance - The security standards that are relevant for this application, based on information provided by the application's vendor. Hover over the number to see all the relevant standards.
- Multi Factor Authentication - Indicates if the application uses MFA for sign-in.
- Single Sign on - Indicates if the application is an SSO application.
These fields provide an additional level of detailed insights on your SaaS environments' applications, their users, and spending (based on account). These fields provide either a number of results for a specific query, an aggregated number that represents a dollar value connected to spending for a SaaS application, or a True/False value for an application parameter. For fields that display a number, you can click the number to view the list of items that it represents. The relevant data is derived from information fetched from the application.
You can use these fields as indicators of where you might want to do more research on the activities in your organization's SaaS environment. For example, if an application has a high number of Total Misconfigured Settings, then you'll likely want to further research how that application is being used and if it's posing security risks for your organization.
Alternatively, you might want to take note if an expense amount is particularly high for an application to see if you are spending significantly more than you need to be on that application.
- Dynamic fields - Some examples of these fields include:
- Is Discovered - Indicates if the application was discovered in your organization's SaaS environment (a subset of the SaaS Applications Repository).
- Is managed - Indicates if the application is managed (via Axonius adapter, SSO or both) or not managed at all.
- Is managed by Connected App - Indicates if the application is managed by its own adapter (example: Zoom is managed by the Zoom adapter)
- Is managed by SSO - Indicates if the application is managed by the organization’s SSO solution.
- Generated From - An indication on how a SaaS application was discovered (by its own connected adapter, from an installed software or a CVE on a device, an extension, a DNS record, an expense or a license).
- Counter fields - Calculated fields that display the number of users that meet the criteria defined for that field. Some examples of these fields include:
- Affiliated Users - All users for the application. These users are retrieved using the app's adapter, extensions used by the app, or DNS records that connect the users to the app.
- Managed Users by App - Users fetched from the same application's adapter.
- Active Users - Users who have logged into the application in the past 90 days.
- Inactive Users - Users who have not logged into the application in the past 90 days.
- Unused Users - Users that have never logged in to the application.
- Managed Users by SSO - Users that are managed by the organization’s SSO (user extensions fetched from the SSO adapter, and their extension type is either “SSO" or "Admin Consent").
- Orphaned Users - Users who have been off-boarded from the SSO (removed, suspended or deleted) but are still managed by the application.
- Unlinked Users - Users that are managed in the organization's SSO solution, but not in the application's adapter
- Unmanaged & Unclassified Users - Users that are not managed by an adapter or SSO, or users that were fetched by DNS adapters but have no information tying them to the SaaS application other than its domain in their DNS records.
- Non Operational / Unknown Activity Status - The number of users with either an unknown activity status (no 'Last Logon' data) or non-operational user status.
- Last enrichment run - The date of the last enrichment on this application.
- Suspended Users - The number of suspended users for this application.
- Expense Amount - The total aggregated expenses cost for this application for the current calendar year.
- License Cost - The total aggregated cost of licenses (active and inactive) for this application for the current calendar year.
- External Users - The number of external users for this application.
- User Extensions Used by App - The number of users that have extensions used by this application.
- App User Extensions - The number of user extensions provided by this application.
- Upcoming renewals - The number of licenses for this application that are set to be renewed in the next 90 days.
- Total Misconfigured Settings - The number of settings defined as misconfigured this application.
- Total Accounts - The number of separate instances of this application.
Access The SaaS Applications Repository
The SaaS Application Repository page contains data and pages for a myriad of SaaS applications that you can use to evaluate potential vendors. This includes general information about these apps and their vendors, and is not limited to applications that are used in your organization.
To open the SaaS Applications Repository, click Repository.
Creating Queries on SaaS Applications
The Query Wizard on the SaaS Application page allows you to create a unique set of queries. You can query fields such as the fetch time, adapter connections, or Single Sign On. You can add additional levels to the query, such as querying by risk and security policy. Use these queries to find out which applications exist with asset context in your environment or how many applications have a particular risk score. Refer to Creating Queries with the Queries Wizard to learn more about creating queries.
For example, this query enables you to determine how many high-risk applications were discovered in your SaaS environment:
After running the query, the table shows the queried applications, filtered by the criteria you defined in your query.
Adding Custom Data to an Application
You can add custom fields to one or more SaaS Application assets at the same time. you can use this to add and manage your own organization-specific data. For example, for an application your organization uses, you may want to add an Owner, Business Critical Designation, Custom Risk Evaluation, or other data points that you can edit for an application.
Select one or more applications and from the Actions menu choose Add Custom Fields.
Refer to Working with Custom Data to learn about adding custom fields.
Add Tags to SaaS Applications
Use tags to assign context to your assets for granular filters and queries. Apply new or existing tags to the selected applications. The list of selected tags is applied to all selected applications.
Refer to Working with Tags to learn about adding tags to applications.
View an Application Profile
You can click on an individual application asset to see all the data for that particular application. For more information, see Asset Profile Page.
For general information about working with tables refer to Working with Tables.