Enforce Shadow Application Governance

The Problem

The Open Authorization (OAuth) protocol enables application to application (i.e. machine identities) connectivity in SaaS environments. If the tokens involved in the authentication process become compromised, the risk of a supply-chain based attack increases significantly. Attackers can target these 3rd party OAuth applications to gain unauthorized access to business-critical data and resources.

The Solution

  • DoControl will discover all sanctioned and unsanctioned 3rd party OAuth applications, which users have installed them, the drive-wide permissions, and more
  • Event correlation provides the business context required for security teams to differentiate between normal and high-risk activity
  • Security Workflows provide automated remediation of supply chain-based attacks (i.e. automatically suspend or remove unauthorized applications)