Applications | Axonius SaaS Management

The Axonius SaaS Management Applications module provides insight into the applications used in your organization as well as applications you are considering purchasing. Using the various graphs, widgets, and filters, you'll be able to better understand:

• How each application is managed

• What level of security risk is posed by each application

• Who is using each application

• Whether their SaaS accounts are paid or unpaid

• Which security standards an application is compliant with

• and more...

The Discovered Applications Page

The Discovered Applications page shows data for all the applications that SaaS Management identifies in your organization. It consists of three main sections:

The Filter section allows you to select filter values to define what data is displayed on the page including the graphs and widgets in the Compliance Overview section, or search for a specific item to filter by.

The Compliances Overview section contains seven visual displays of the SaaS security standard compliance among applications used in your organization.

• The Risk Division graph shows the different levels of risk posed by vendors.
  

• The Compliance Coverage graph shows the percentage of compliant applications per standard, broken down by the various categories of SaaS vendors.
  

• The Data Center Location graph shows the locations of tracked vendors.
  

• The Company Size to Funding Ratio widget shows funding data for small, medium, or large vendors.
  

• The Data Encryption graph shows the percentage of vendors that encrypt data at rest and/or in transit.
  

• The Data Retention graph shows data retention across all applications, by duration and a percentage.
  

• The Bug Bounty graph shows the percentage of vendors that implement bug bounty programs.
  

You can click to hide the graphs in the Overview section. Click it again to display the graphs.

The bottom section of the page displays application cards for data cards for each SaaS application used in your organization that meets the defined filter criteria. You can review this data to gain better insight into a vendor's risk level or open the page for that specific application to take a more in-depth look at the application.

Set Filters

You can filter your SaaS Management data according to any of the following available filters:

• Category - Filter for types of applications based on defined categories.
• Managed by - Filter for applications that are managed via Axonius adapter, SSO, or not at all.
• Application - Filter for specific applications.
• Risk Score - Filter for applications with High, Medium, and/or Low risk scores.
• Compliance - Filter for specific security standards that the applications are compliant with.
• Custom Tags - Filter for tags that you use within the organization to indicate the status of the application.
  For information on creating or setting custom tags on an application, see Edit Application Information below.

You can also use the Search bar to filter for specific values such as user names, email addresses, etc.

To reset the filters to their default settings, click Reset.

Review Application Cards

The bottom section of the page displays application cards for data cards for each SaaS application used in your organization that meets the defined filter criteria.

The Repository page contains similar cards and pages for over 1500 SaaS applications that you can use to evaluate potential vendors.

The user status displayed can vary by SaaS app. For more information on what each status means for different applications see User Statuses.

Each card contains the following information:

• Risk level
• Company location
• Company size
• Year Company was founded
• whether the company is private or public

In addition, cards for applications detected in your environment contain information about how the application's users were discovered. For more information about these values, see User Filters.

To open an application's page and review its details in greater depth, click its card.

Application Details

The applications page contains publicly available information about the vendor including the standards that it complies with, relevant web pages, internal notes and labels, details about the applications usage within your organization, and other relevant publicly available information about the vendor.

Overview

The Overview section of the page includes the following sections:

• Description - Short description of the Vendor organization with a link to the website.
• Users - A breakdown of the application's users within your organization within the Managed, Shadow, and Discovered tags.
• Compliance - The security standards that are relevant for this application.
• Policies and Reports - Publicly available policies and reports for this application.
• Product Security - Security measures in place on the application's product level.
• Data Security - Security measures the vendor takes to secure data in the application.
• Events - links to pages or articles that list or describe significant security events associated with the application.

Users

The Users view provides further details about the users in your organization using the selected application.

You can use the following filters to review the list of users and you can also search for specific users or tags with the Search bar:

• Account - Select the specific user accounts for the application.
• Tags - Filter for Discovery Method, Shadow, Account, and Attribute tags. For more information about these values, see User Filters.
• Admin Permissions - Filter for users with admin permissions.
• Department - Filter users by their departments.
• Last discovery - Filter by users in this app who were last discovered by Axonius within a selected date range.
• Last login - Filter by users who last logged in to the application within a selected date range.
• SSO last login - Filter by users who last logged in to the application via SSO within a selected date range.

Edit Application Information

The sidebar contains internal application information. You can click to edit the following items:

Custom tags
Tags that you can use within your organization to indicate the status of the application. You can filter for these tags on the main application screen and in the Interconnectivity screen.

To enter a custom tag, type the tag in the text box and press ENTER.

Owner
Add an owner or multiple owners responsible for this application within your organization.

To add an owner

1. Click Add owner.
2. Select the account type.
3. Enter the Owner's name and press ENTER.

To delete an owner, click the corresponding .

Business critical
You can select how critical the application is for your organization's business.

Risk score
Each application is automatically assigned a risk score based on specific criteria. You can override an application's risk score by selecting your own risk assessment form the drop-down menu.

Notes
You can add any notes you might want to include for this application.

Last reviewed by
You can add your name to indicate that you were the last user to review the data.

Make sure to click Save after any changes.