Security and Compliance

Managing security and compliance in Zluri

This article explains how to use the security and compliance features in Zluri. When viewing application details, you can access the Security and Compliance tabs to monitor and manage these aspects for each application.

Security

The Security tab provides insights into potential threats related to application permissions and helps you identify users with access to sensitive data.

To access it, click Application in the left sidebar and select an app (Slack in this example).

The Security tab shows which permissions the application has and the security threat level associated with each. You can quickly identify high-risk permissions and see which users are affected.

Understanding threat levels

Zluri calculates a threat level for each application-user combination based on the risk of the scopes involved. You can view the scopes an application has access to in Google Workspace and Azure AD, along with the threat level associated with each scope.

Threat levels are determined by:

  • The sensitivity of the data the application can access
  • The type of operations the application can perform on that data

For example, a scope that grants permission to "Edit and delete all Google Drive files" has a higher threat level than one that only allows "View email addresses".

Monitoring user access

To see which users have granted specific permissions to an application:

  1. Locate the scope you want to investigate

  2. Click Show (number) users next to that scope

  3. A list of those users is displayed, with each user's role and threat level.
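
The scoring idea from "Understanding threat levels" and the per-scope user list from "Monitoring user access", as an added Python example that is not Zluri's code. The weights, the 1-5 scale, the highest-scope-wins rule per application-user pair, the classification of each Google scope and the sample grants are all assumptions made for illustration.

```python
from collections import defaultdict

# Assumed weights (not Zluri's): how sensitive the data is, and what can be done to it.
SENSITIVITY = {"profile": 1, "calendar": 2, "mail": 3, "drive": 3}
OPERATION = {"read": 1, "write": 2, "delete": 3}

G = "https://www.googleapis.com/auth/"
# Google OAuth scopes; the (data, operation) labels are this example's classification.
SCOPE_CATALOG = {
    G + "userinfo.email": ("profile", "read"),
    G + "calendar.readonly": ("calendar", "read"),
    G + "gmail.readonly": ("mail", "read"),
    G + "drive": ("drive", "delete"),
}

def scope_threat(scope):
    """Threat level 1-5 for one scope; unclassified scopes score 5 until reviewed."""
    if scope not in SCOPE_CATALOG:
        return 5
    data, op = SCOPE_CATALOG[scope]
    raw = SENSITIVITY[data] * OPERATION[op]      # 1..9
    return -(-raw * 5 // 9)                      # ceiling of raw * 5 / 9

def app_user_threat(grants):
    """(app, user) -> highest scope threat that user granted (assumed rule)."""
    levels = defaultdict(int)
    for app, user, scope in grants:
        levels[(app, user)] = max(levels[(app, user)], scope_threat(scope))
    return dict(levels)

def users_for_scope(grants, app, scope):
    """Users who granted `scope` to `app`, like the per-scope user list."""
    return sorted({u for a, u, s in grants if a == app and s == scope})

# Constructed sample grants (app, user, scope); the last scope is a made-up placeholder.
GRANTS = [
    ("Slack", "alice@example.com", G + "drive"),
    ("Slack", "alice@example.com", G + "userinfo.email"),
    ("Slack", "bob@example.com", G + "userinfo.email"),
    ("Slack", "carol@example.com", "https://example.com/auth/unreviewed"),
]

if __name__ == "__main__":
    for (app, user), level in sorted(app_user_threat(GRANTS).items()):
        print(f"{app:6} {user:20} threat={level}")
    print(users_for_scope(GRANTS, "Slack", G + "userinfo.email"))
```

Scoring unclassified scopes at the maximum keeps a newly seen permission visible for review instead of letting it default to low risk.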

Compliance

The Compliance tab lets you manage and store compliance certificates for your applications.

🚧

While Zluri displays compliance information for some well-known applications, this data isn't actively maintained by Zluri and may be outdated. Always review and update compliance information before generating reports.

Adding compliance certificates

To add a compliance certificate:

  1. Click Add Compliance.

  2. Search for and select a compliance type from the list.

  3. Fill out the relevant fields and click Add Compliance.

  4. Optional: Check Add as a global compliance asset to make it available for all applications.

🚧

Caveats

  • Global compliance assets are added to existing applications only, not to new applications added later
  • You must update the status, effective date, and expiry date for each application separately

Adding custom compliance types

If a required compliance type isn't in the master list:

  1. Click Add Compliance

  2. Enter a search term. If the compliance name is not in the list, click + Add New Compliance.

  3. Fill out the relevant fields and click Add Compliance.

Generating compliance reports

The compliance report provides a comprehensive list of all applications and their compliance status. To generate a report based on your updated data:

  1. Navigate to Reports > All Reports.

  2. Search for "compliance". Under Application Compliances, click Generate Report.
