Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.
The assets discovered on your company’s cloud apps will have an exposure level that usually forms the basis of your Prisma SaaS policies. That exposure may be set depending on defaults defined by the cloud app administrator. For example, as the Prisma SaaS administrator you might find an incident for an asset exposed in a way that the owner didn’t intend. That could be because the administrator of the cloud app chose a default that was automatically applied. The exposure level is also determined by the URLs created to share assets and who those links can be shared with.
More information can be found about an asset's exposure from your cloud app's reports. Below is a sample Audit Log for Google Drive from Google Admin. Note the values in the "Visibility" column. Other file storage cloud apps have similar reporting to help learn more about the configuration.
Here are some examples from OneDrive of file exposure determined by an asset's sharing URL.
File exposure status is displayed in the Assets menu item under the Explore tab within Prisma Saas.
Let's look at folders in OneDrive. Here one folder is "Shared'. Every file in that folder will have the exposure of that parent folder. Similarly, the contents within the "Private" folder will inherit the sharing settings of the parent folder.
If you believe Prisma SaaS is identifying an asset’s exposure incorrectly please open a support case. Attach the following items to the case to assist the technical support engineer.