Shadow IT
Shadow IT includes the following widgets:
Personal Accounts with Cloud Access |
Displays personal accounts with cloud access. |
Personal Accounts with File Access |
Displays personal accounts users with file access. |
Unsanctioned Cloud Service |
Displays unsanctioned cloud services. |
File exfiltration detection |
Displays file exfiltration detections. |
Configuration requirements
In order for FortiAnalyzer to be able to correlate data from FortiGate and FortiCASB and generate the log data used in the Shadow IT monitor, an administrator must configure the FortiCASB connector on FortiAnalyzer in Fabric View. See Creating or editing Security Fabric connectors.
To retrieve cloud applications, users, and sensitive file information from FortiCASB on demand, an administrator must also configure a FortiAnalyzer playbook in FortiSOC with the Get Cloud Data action using the FortiCASB connector. See Playbooks.