EVENT
SaaS Integrations - Any connected SaaS Apps - Specifically show the link (giving possibly dangerous permissions) is detected between SaaS applications.
RECOMMENDED ACTION
Contact the Customer or User and make them aware of this event. Confirm the Customer is aware of the external data source or SaaS App that has been granted access. This alert will only appear once. Future connections will be recorded as logged events. If the external data source or SaaS App integrations are not authorized, immediately block access in the primary SaaS App management panel.
For Office 365 check "Enterprise Applications" https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/AllApps
For Google Workspace (G Suite) check "3rd party app access"
https://admin.google.com/ac/owl/list?tab=apps
Comments
0 comments
Please sign in to leave a comment.