Axonius Documentation
Start typing to search…

Zscaler SSPM

Zscaler SSPM is a solution that provides continuous monitoring and remediation of SaaS application security configurations to enhance data protection and compliance.

Asset Types Fetched

  • Vulnerabilities, Users, Business Applications, SaaS Applications, Network Services, Network/Firewall Rules

Before You Begin

Permissions

The following permissions are required:

  • The service administrator of Zscaler SSPM must assign you either the 3rd‑Party App Governance permission group, or a custom role who has this permission. To assign this permission, in the ZIA Admin Portal, go to AdministrationService Management.
    • Without the above permission, calls to GET/apps/app will succeed, but apiActivities, risks, and other governance‑specific sub‑objects will be omitted or returned empty.
  • To fetch all fields properly, a read‑only access to the App Governance service is required.
    • Write‑level permissions aren’t required for GET operations, but might be required later to modify app classifications or consent.
  • If you authenticate with an API Key + session login (POST /authenticatedSession), ensure the underlying user account is in the App Governance permission group.
  • If you authenticate with OAuth, ensure to request scopes that include the appGovernance.read permission (or an equivalent permission) for your token.

Supported From Version

Supported from Axonius version 6.1.71

Connecting the Adapter in Axonius

To connect the adapter in Axonius, provide the following parameters.

Required Parameters - General

📘

Note

The following parameters are required to fetch all assets except for Business Applications.

  1. Cloud Service domain - The base domain for the API. It should contain an http:// or https:// prefix, and should not contain any specific endpoints.
  2. User Name and Password - The credentials for a user account that has the Required Permissions to fetch assets.
  3. Cloud Service API Key - An API Key associated with a user account that has the Required Permissions to fetch assets.

Required Parameters - Business Applications

  1. 3rd Party App Governance API domain and 3rd Party App Governance API Key - See Required Permissions for more details.
ZscalerSSPM_parameters
📘

Note

To fetch all asset types, provide all the required parameters mentioned above.

Optional Parameters

The following parameters are optional for all asset types:

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Updated 1 day ago