Update and View Shadow IT Discovery Applications
For supported software information, click here.
Shadow IT refers to IT devices, software, and services that operate within an organization's network without explicit management, control, or approval of the IT department. Shadow IT discovery proactively identifies and these IT assets, and categorizes them according to their risk level based on security vulnerabilities, compliance risks, and business impact.
In Versa Concerto, you can change the state of shadow IT applications according to your requirements. The states are:
- Sanctioned—Applications that are officially approved by your organization.
- Unsanctioned—Applications that are specifically not approved.
- Allowed—(Releases 13.1.1 and later.) Applications that are unofficially approved.
- Unknown—Applications of an unknown state.
This document describes how to view shadow IT discovery information and how to update the state for a shadow IT application.
View Shadow IT Applications
To view information about shadow IT applications:
- In Tenant view, select View > Dashboard > Security > Risk Score > Shadow IT Discovery. The Shadow IT Discovery screen displays.
- For Releases 12.2.2 and earlier, all applications display.
- For Releases 13.1.1 and later, select the Active Applications tab to display applications currently in use, or the All Applications tab to display all applications.
- For Releases 13.1.1 and later, you can customize the display based on confidence scores. Select the confidence scores for applications that you want to include (Excellent, Great, Good, or Low). The percentage fields in the confidence tiles are recalculated to reflect only the selected scores. In the example below, the Good and Low confidence scores are selected and only applications that have these scores are displayed.
- For Releases 13.1.1 and later, select from the following fields to display a subset of applications, save the information in CSV format, and change the time period over which ratings are calculated.
Field Description Select Application Type Select an application type from the drop-down list. Only applications of the selected type display. The status bar ratings are recalculated to include only the selected application type. Application Categories (Group of Fields) By default, applications in all categories display. Alternatively, you can select one or more of the following categories to limit the display. The status bar ratings are recalculated to include only the selected categories. - Allowed
Click to include allowed applications. - Sanctioned
Click to include sanctioned applications. - Unsanctioned
Click to include unsanctioned applications. - Uncategorized
Click to include uncategorized applications. Download CSV Click to download the information in CSV format to your local system. Time Period Select a time period from the drop-down list. This sets the time period over which ratings are calculated. - For Releases 13.1.1 and later, select the
Tile or 
List icon to display applications in tile or list format, respectively. In the following example, applications are displayed in list format.
- To view details for an application, click the View Details icon in the tile or list item for the application. In Releases 13.1.1 and later a table displaying traffic logs associated with the application displays.
- To view security details for an application, select from the following tabs on the Application Details screen:
Tab Description Certifications and Standards Compliance and datacenter certifications.
Data Protection Data protection standards details.
Access Control Levels of access controls and policy enforcement.
Auditability Status of auditing and regulatory requirements.
Disaster Recovery and Business Continuity Business continuity data access in case of a system failure or disaster.
Legacy and Privacy Legal, mobile privacy, and browser privacy information. - Legal
Legal information.
- Mobile Privacy
Mobile privacy information.
- Browser Privacy
Browser privacy information.
Update the State and Rating for Shadow IT Discovery Applications
This section describes how to edit the state associated with a shadow IT application. For Releases 13.1.1 and later, this section describes how to edit the rating associated with a shadow IT application.
Applications rating are determined by a confidence score based based on one of the following criteria:
- Industry Standard Confidence Score—Score is automatically assigned based on industry standards.
- Calculated Confidence Score—(Releases 13.1.1 and later) Score is calculated based on parameters you provide.
- Custom Confidence Score—(Releases 13.1.1 and later) Score is manually assigned by you.
Confidence scores correspond to the ratings listed below:
- 1-40: Poor
- 41-60: Fair
- 61-80: Good
- 81-100: Excellent
Application states are the following:
- Sanctioned—Officially approved applications.
- Unsanctioned—Applications that are specifically not approved.
- Allowed—(Releases 13.1.1 and later) Applications that are unofficially approved.
- Unknown—Applications of an unknown state.
You can use sanctioned or unsanctioned application categories for SASE application and URL filtering match criteria for internet protection rules. For more information, see Configure SASE Application and URL Filtering for Internet Protection Rules.
To update the state or ratings for an application:
- Select View > Security > Risk Score.
- Click Shadow IT Discovery. The following screen displays.
- Click View Details in the tile for the application. The following screen displays with the application state in the top right corner (here, Sanctioned).
- To update the application state, click the
Edit icon to the right of the current application state. The Edit State popup window displays.
- Select one of the following options:
- Allowed (Releases 13.1.1 and later.)
- Sanctioned
- Unsanctioned
- Uncategorized
- Click Save and Publish Later or Save and Publish Now. The details screen for the application redisplays.
- (Releases 13.1.1 and later) To edit the criteria on which the confidence score is based click the Edit icon to the right of the Confidence Score. The Edit Confidence Score popup window displays.
- Select one of the following tabs
Tab Description Industry Standard Confidence Score Select to use the industry standard confidence score for the application. Calculate Confidence Score Select to choose the parameters on which to base the confidence score. The screen refreshes to display the following.
In item 1, click the toggles to select and deselect security features that contribute to the confidence score. The selected features are displayed in the table in item 2. Then, in item 2 select the importance of each security feature.
Custom Confidence Score Select to enter a custom confidence score. The screen refreshes to display the following.
Enter a confidence score. Confidence scores correspond to the ratings listed below:- 1-40: Poor
- 41-60: Fair
- 61-80: Good
- 81-100: Excellent
- Click Save and Publish Later or Save and Publish Now.
Supported Software Information
Releases 12.2.1 and later support all content described in this article, except:
- Release 13.1.1 adds support for filtering the display by application type. You can filter by sanctioned status and by whether the application is active or inactive. You can edit an application confidence score rating. You can filter applications based on their confidence score ratings. You can view the logs matching an application. The Allowed state is added for shadow IT applications.
Additional Information
Configure SASE Internet Protection Rules
View Concerto Security Dashboards