View App Details
The details page for an app lists summary information about the app, including:
- The risk score for the app, and the details on how it was calculated.
- The identities that have made DNS requests and seen traffic for the app.
- The detailed attributes of the app, which can help you perform a risk/benefit analysis of permitting the app to be used in your environment.
Prerequisites
- A minimum of Read Only access to the Umbrella dashboard. See Manage User Roles.
Procedure
- Navigate to Reporting > Core Reports > App Discovery and click one of the app labels to open the Apps Grid.
- Click the name of an app to view its details for the last 90 days.
- View the initial details of the app, including the name and description of the app.
- Risk Score—The overall risk score assigned to the app. This could be calculated by Umbrella. Hover over the Risk Score icon to display the Risk Summary for the app.
The Risk Summary displays:
- The Custom risk score, which appears if you have chosen to override the Weighted risk score calculated by Umbrella.
Note: If you apply a Custom risk score to an app, it will be noted in the Apps Grid display as shown below:
- The Weighted risk score calculated by Umbrella based on Business risk, Usage risk, Vendor compliance, and Community risk (if available).
- The Community risk score, which appears if one or more other users have assigned a Custom risk score to the app. Umbrella calculates the Community risk score as a median of the Custom risk scores assigned to the app by all users.
- A label describing the review status of the app for your installation: Unreviewed, Approved, Not Approved, or Under Audit.
- A link to control the app. The link text may appear as Control this app or Edit app controls.
- Control this app—Available only when Block or Allow have not been configured for this app. If the app setting is configured but has not yet been applied to a policy, a red tooltip appears.
- Edit app controls—Available only when the app has previously configured application settings and you can enable advanced activities for the application.
For more details, see Control Apps.
- App URL—The URL of the app.
- Category—The category the app falls under. Fore more information, see Application Categories.
- Identities—The number of identities that accessed the app.
- Vendor—The owner of the app.
- Traffic—The number of bytes of total traffic and bytes blocked.
- DNS Requests—The total number of DNS requests and the percentage of requests blocked by Umbrella.
- First Detected—The date the app was first detected.
- Last detected—The date the app was last detected.
- Firewall Events – The total number of firewall events and the percentage of web requests blocked by Umbrella.
- Click the Risk Details tab to view the risk details.
The risk details shows the app's Weighted risk score and how Umbrella calculated it, including Business Risk, Usage Risk, and Vendor Compliance. Expand any of the risk types to view its details.
- Click the Identities tab to view which identities have made DNS requests, and seen Firewall events and traffic for this app. You can order the list by any column in ascending or descending order. You can filter for identities by name (enter the first few characters of the identity name) or date detected.
Click the Download CSV icon to download this information as a CSV file.
- Click the Attributes tab to view attributes of the app.
Attributes are divided into categories. Click a category name to view the attributes associated with it. (Not all applications will show all attribute categories.)
For each displayed attribute, Umbrella shows whether the attribute applies to the application and the dates when the attribute information was collected and updated. Use the attributes to evaluate the risk that the application will expose your environment to data breaches, identity theft, financial fraud, and other cyber threats.
The attribute categories you may see are:
- Compliance attributes — Indicate whether the application complies with the requirements of a number of certifications such as GDPR, HIPAA, SOC 2, and FEDRAMP.
- Vulnerabilities attributes — Indicate whether the application is vulnerable to exploits that attackers could use to compromise the security of the affected systems, steal sensitive data, or cause other types of damage.
- Access control attributes — Indicate the methods the application supports to manage and restrict access based on a user's identity, role, and level of authorization.
- Data security attributes — Indicate the practices and technologies the application uses to protect data from unauthorized access, use, disclosure, modification, or destruction.
- Auditability attributes — Indicate the abilities the application provides for an administrator to review the activity and transactions of a system, to ensure that it is operating in a compliant and secure manner.
- Email authenticity attributes — Indicate what methods the app provides to verify that email is actually from the sender that it claims to be from, and that the message has not been tampered with or altered in any way during transit.
Review Apps in the Apps Grid < View App Details > Control Apps
Updated 4 months ago