Security and Compliance
Managing security and compliance in Zluri
This article explains how to use the security and compliance features in Zluri. When viewing application details, you can access the Security and Compliance tabs to monitor and manage these aspects for each application.
Security
The Security tab provides insights into potential threats related to application permissions and helps you identify users with access to sensitive data.
To access it, click Application in the left sidebar and select an app (Slack in this example).
Clicking the Security tab will show you which permissions your applications have access to and their associated security threat levels. You can quickly identify high-risk permissions and see which users are affected.
Understanding threat levels
Zluri calculates threat levels for each application-user combination based on the scope risks. You can view what scopes an application has access to in Google Workspace and Azure AD, along with the associated threat level for each scope.
Threat levels are determined by:
- The sensitivity of the data the application can access
- The type of operations the application can perform on that data
For example, a scope that grants permission to "Edit and delete all Google Drive files" has a higher threat level than one that only allows "View email addresses".
Monitoring user access
To see which users have granted specific permissions to an application:
- Locate the scope you want to investigate.
- Click Show (number) users next to that scope.
- This will give you a list of users with their role and threat level.
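The two factors listed under "Understanding threat levels" and the per-scope user list described above can be cross-checked against your own export of OAuth grants. The following Python is an added example, not Zluri's code or scoring algorithm: the weights, thresholds, function names and sample grants are assumptions made for illustration, while the scope URLs are real Google OAuth scopes.

```python
from collections import defaultdict

BASE = "https://www.googleapis.com/auth/"
# Assumed weights for illustration only; this is not Zluri's scoring model.
SENSITIVITY = {"drive": 3, "gmail": 3, "calendar": 2, "userinfo": 1}
OPERATION = {"read": 1, "write": 2, "full": 3}
LEVELS = ["low", "medium", "high"]

def classify(scope):
    """Split a Google OAuth scope URL into (resource, operation)."""
    if not scope.startswith(BASE):
        return "unknown", "full"          # unrecognised scope: fail closed
    resource, _, suffix = scope[len(BASE):].partition(".")
    if suffix == "":
        return resource, "full"           # bare scope, e.g. .../auth/drive
    if suffix.endswith("readonly") or suffix in ("email", "profile"):
        return resource, "read"
    return resource, "write"              # e.g. drive.file, gmail.send

def threat_level(scope):
    """Combine data sensitivity and operation type into low/medium/high."""
    resource, operation = classify(scope)
    score = SENSITIVITY.get(resource, 3) * OPERATION[operation]
    return "high" if score >= 6 else "medium" if score >= 3 else "low"

def users_by_scope(grants, app):
    """Map each scope granted to `app` to the users who granted it."""
    users = defaultdict(list)
    for user, granted_app, scopes in grants:
        if granted_app == app:
            for scope in scopes:
                users[scope].append(user)
    return dict(users)

def user_threat(grants, app):
    """Highest threat level across each user's scopes for `app`."""
    return {user: max(map(threat_level, scopes), key=LEVELS.index, default="low")
            for user, granted_app, scopes in grants if granted_app == app}

# Constructed sample grants: (user, application, scopes).
GRANTS = [
    ("alice@example.com", "Slack", [BASE + "drive", BASE + "userinfo.email"]),
    ("bob@example.com", "Slack", [BASE + "userinfo.email"]),
    ("carol@example.com", "Slack", [BASE + "drive.readonly"]),
]

if __name__ == "__main__":
    for scope, users in users_by_scope(GRANTS, "Slack").items():
        print(threat_level(scope), scope, users)
```

Scopes the classifier does not recognise are scored as high so that they surface for manual review.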
Compliance
The Compliance tab lets you manage and store compliance certificates for your applications.
While Zluri displays compliance information for some well-known applications, this data isn't actively maintained by Zluri and may be outdated. Always review and update compliance information before generating reports.
Adding compliance certificates
To add a compliance certificate:
- Click Add Compliance.
- Search for and select a compliance type from the list.
- Fill out the relevant fields and click Add Compliance.
- Optional: Check Add as a global compliance asset to make it available for all applications.
Caveats
- Global compliance assets are added to existing applications only, not to new applications added later
- You must update the status, effective date, and expiry date for each application separately
Adding custom compliance types
If a required compliance type isn't in the master list:
- Click Add Compliance.
- Enter a search term. If the compliance name is not in the list, click + Add New Compliance.
- Fill out the relevant fields and click Add Compliance.
Generating compliance reports
The compliance report provides a comprehensive list of all applications and their compliance status. To generate a report based on your updated data:
- Navigate to Reports → All Reports.
- Search for "compliance". Under Application Compliances, click Generate Report.
Updated 21 days ago