Why is this feature important?
This feature provides enhanced visibility and control over connected apps in your environment. It helps identify potential security risks associated with app permissions and usage, allowing you to proactively manage and mitigate those risks. By understanding which users are authorizing apps and how frequently those apps are used, you can enforce stronger security policies, ensure compliance, and protect sensitive data.
What insights can I get from this feature?
The feature offers several key insights, including:
- A comprehensive overview of all connected apps in your environment
- Information on which users have authorized specific apps
- Usage frequency of connected apps
- Identification of risky permissions associated with apps
- Recommendations for improving security posture, such as identifying apps with self-authorization access or those not installed from a package
- Detailed configuration information for installed applications
Where can I find the new feature?
The feature is available in a new dashboard titled “Connected Apps.”
Where can I find the new feature?
The dashboard has two main sections:
- Overview tab: Provides a summary table of all connected apps
- Details tab: Offers more granular information
Who can access this new feature?
The Connected App Analysis dashboard is available for customers on paid plans and those in a 30-day trial. It is not available for free users.
What is the difference in data available for installed vs. non-installed apps?
The level of detail depends on whether an app is installed.
Data available for all apps (installed and non-installed):
- Connected app name
- Installed status
- Initial connection date
- Last used date
- Number of users who actually used the app
- Usage count
- Setup link
Additional data for installed apps:
- Namespace
- Description
- Info link
- Permitted Users
- Count of Profiles/Permission Sets
- Last used by any user
What new "risky permissions" are being identified?
The scanner now identifies and flags three additional risky permissions:
- ApiEnabled (API Enabled)
- AuthorApex (Author Apex)
- AuthorApex (Author Apex)
These appear in both the Risky Permissions widget and the permissions table.
Why do some permission fields look blank in older scans?
The three new risky permissions (ApiEnabled, AuthorApex, CanApproveUninstalledApps) are only detected by the updated scanner. Historical scan data from before this update will show blank fields for these columns.
What are the new recommendations related to connected apps?
Two new recommendations improve connected app security:
- Connected app has self-authorization access: Flags installed apps that allow any user to self-authorize, which poses a security risk.
- Connected app is not installed: Flags apps that are not installed from a package. App settings can only be updated for installed apps.
What does the “Connected app has self-authorization access” recommendation mean?
This applies to any installed connected app where the Permitted Users policy is not set to Admin approved users are pre-authorized. The recommended fix is to update this setting, preventing users from granting themselves access without administrative approval.
What does the “Connected app is not installed” recommendation mean?
This applies to any connected app that is not installed from a package. The guidance is to install these apps so you can properly manage their security settings, such as setting Permitted Users to Admin approved users are pre-authorized.
How can the new recommendations impact the Hubbl score?
The recommendations can affect your Hubbl score in two ways:
- Positive impact: If an organization has no issues and no new recommendations are flagged, the score increases—rewarding proactive management.
- Connected app is not installed: If an organization has existing issues and new recommendations are flagged, the score decreases—indicating more areas that require attention and resolution.
