cloudflare · maxvp · Nov 13, 2024 · Nov 13, 2024 · Nov 13, 2024
@@ -13,7 +13,7 @@ Available for all Zero Trust users.
 Free users can configure up to two CASB integrations. You must upgrade to an Enterprise plan to view the details of an individual finding instance.
 :::
 
-Cloudflare's API-driven Cloud Access Security Broker (CASB) scans SaaS applications for misconfigurations, unauthorized user activity, <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, and other data security issues that can occur after a user has successfully logged in.
+Cloudflare's API-driven Cloud Access Security Broker (CASB) scans SaaS and cloud applications for misconfigurations, unauthorized user activity, <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, and other data security issues that can occur after a user has successfully logged in.
 
 ## Manage CASB integrations
 

@@ -8,72 +8,81 @@ head:
     content: Manage security findings
 ---
 
-Findings are security issues detected within SaaS applications that involve users, data at rest, and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Zero Trust and immediately start taking action on the issues found.
+Findings are security issues detected within SaaS and cloud applications that involve users, data at rest, and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Zero Trust and immediately start taking action on the issues found.
 
 ## Prerequisites
 
 - You have [added](/cloudflare-one/applications/scan-apps/#add-an-integration) a CASB integration.
 - Your scan has surfaced at least one security finding.
 
-## View findings
+## Posture findings
 
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
+To view your posture findings:
 
-   You will see the findings detected across all integrations.
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture findings**.
+2. To switch between findings for your SaaS and cloud applications, choose **SaaS** or **Cloud**.
+3. Select a finding to view its details.
 
-2. To view details for an individual finding, select **View**.
+CASB will display details about your posture findings, including the type, [severity level](#severity-levels), associated integration, and status.
 
-   The individual findings page shows all detected instances of the finding within a specific integration. You can expand an individual row to view details for a particular instance.
+To resolve the finding, expand the remediation guide and follow the instructions. You can also [create an HTTP block policy](#resolve-finding-with-a-gateway-policy), update the finding's [severity level](#severity-levels), or [hide findings](#hide-findings) from view.
 
-3. To resolve the finding, expand the **Remediation Guide** and follow the step-by-step instructions in the UI.
+### Severity levels
 
-Other actions you can take include [creating an HTTP block policy](#resolve-finding-with-a-gateway-policy), updating the finding's [severity level](#severity-levels), or [hiding irrelevant findings](#hide-findings) from view.
+Cloudflare CASB labels each finding with one of the following severity levels:
 
-### View shared files
+| Severity level | Urgency                                                                      |
+| -------------- | ---------------------------------------------------------------------------- |
+| Critical       | Suggests the finding is something your team should act on today.             |
+| High           | Suggests the finding is something your team should act on this week.         |
+| Medium         | Suggests the finding should be reviewed sometime this month.                 |
+| Low            | Suggests the finding is informational or part of a scheduled review process. |
 
-File findings for some integrations (such as [Microsoft 365](/cloudflare-one/applications/scan-apps/casb-integrations/microsoft-365/#file-sharing) and [Box](/cloudflare-one/applications/scan-apps/casb-integrations/box/#file-sharing)) may link to an inaccessible file. To access the actual shared file:
+#### Change the severity level
 
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
-2. Locate the individual finding, then select **View**.
-3. In **Active Instances**, select the file name.
-4. In **Shared Links**, select the linked file instance.
+You can change the severity level for a finding at any time in case the default assignment does not suit your environment:
 
-## Severity levels
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture findings**.
+2. Locate the finding you want to modify and select **Manage**.
+3. In the severity level drop-down menu, choose your desired setting (_Critical_, _High_, _Medium_, or _Low_).
 
-Cloudflare CASB labels each finding with one of the following severity levels:
+The new severity level will only apply to the posture finding within this specific integration. If you added multiple integrations of the same application, the other integrations will not be impacted by this change.
 
-- **Critical**: Suggests the finding is something your team should act on today.
-- **High**: Suggests the finding is something your team should act on this week.
-- **Medium**: Suggests the finding should be reviewed sometime this month.
-- **Low**: Suggests the finding is informational or part of a scheduled review process.
+## Content findings
 
-### Change the severity level
+To view your content findings:
 
-You can change the severity level for a finding at any time, in case the default assignment does not suit your environment:
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Posture findings**.
+2. To switch between findings for your SaaS and cloud applications, choose **SaaS** or **Cloud**.
+3. Select a finding to view its details.
 
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
-2. Locate the finding you want to modify and select **View**.
-3. In the severity level drop-down menu, choose your desired setting (_Critical_, _High_, _Medium_, or _Low_).
+CASB will display details about your content findings, including the file name, number of DLP profiles matched, associated integration, and location.
+
+## View shared files
+
+File findings for some integrations (such as [Microsoft 365](/cloudflare-one/applications/scan-apps/casb-integrations/microsoft-365/#file-sharing) and [Box](/cloudflare-one/applications/scan-apps/casb-integrations/box/#file-sharing)) may link to an inaccessible file. To access the actual shared file:
 
-The new severity level will only apply to the finding within this specific integration. If you added multiple integrations of the same SaaS application, the other integrations will not be impacted by this change.
+1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
+2. Locate the individual finding, then select **Manage**.
+3. In **Active Instances**, select the file name.
+4. In **Shared Links**, select the linked file instance.
 
 ## Resolve finding with a Gateway policy
 
-Using the security findings from CASB allows for fine-grained Gateway policies which prevent future unwanted behavior while still allowing usage that aligns to your company's security policy. This means going from viewing a CASB finding, like the use of an unapproved SaaS application, to preventing or controlling access in minutes.
+Using the security findings from CASB allows for fine-grained Gateway policies which prevent future unwanted behavior while still allowing usage that aligns to your company's security policy. This means going from viewing a CASB finding, like the use of an unapproved application, to preventing or controlling access in minutes.
 
 :::note[Before you begin]
-
 Ensure that you have [enabled HTTP filtering](/cloudflare-one/policies/gateway/initial-setup/http/) for your organization.
 :::
 
 To create a Gateway policy directly from a CASB finding:
 
 1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
-2. Locate the finding you want to modify and select **View**.
+2. Locate the finding you want to modify and select **Manage**.
 3. Find the instance you want to block and select its three-dot menu.
 4. Select **Block with Gateway HTTP policy**. A new browser tab will open with a pre-filled HTTP policy.
    :::note
-   Not all CASB findings will have the **Block with Gateway HTTP policy** option. Unsupported findings can only be resolved from your SaaS application dashboard or through your domain provider.
+   Not all CASB findings will have the **Block with Gateway HTTP policy** option. Unsupported findings can only be resolved from your application dashboard or through your domain provider.
    :::
 
 5. (Optional) [Customize the HTTP policy](/cloudflare-one/policies/gateway/http-policies/). For example, if the policy blocks an unsanctioned third-party app, you can apply the policy to some or all users, or only block uploads or downloads.
@@ -89,9 +98,9 @@ After reviewing your findings, you may decide that certain findings are not appl
 
 1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Findings**.
 2. In the **Active** tab, select the checkboxes for the findings you want to hide.
-3. Select **Ignore**.
+3. Select **Move to Ignore**.
 
-The findings will be moved from **Active** to **Ignored**. CASB will continue to scan for these findings and report detections in the **Ignored** tab. You can move ignored findings back to the **Active** tab at any time.
+The finding's status will change from **Active** to **Ignored**. CASB will continue to scan for these findings and report detections. You can change ignored findings back to **Active** with the same process at any time.
 
 ### Hide an instance of a finding
 

@@ -1,19 +1,18 @@
 ---
 {}
-
 ---
 
-When you integrate a third-party SaaS application with Cloudflare CASB, you allow CASB to make API calls to the application and read relevant data on your behalf. The CASB integration permissions are read-only and follow the least privileged model. In other words, only the minimum access required to perform a scan is granted.
+When you integrate a third-party SaaS or cloud application with Cloudflare CASB, you allow CASB to make API calls to the application and read relevant data on your behalf. The CASB integration permissions are read-only and follow the least privileged model. In other words, only the minimum access required to perform a scan is granted.
 
 ### Prerequisites
 
-Before you can integrate a SaaS application with CASB, your SaaS account must meet certain requirements. To view the prerequisites and permissions for your application, refer to its [integration guide](/cloudflare-one/applications/scan-apps/casb-integrations/).
+Before you can integrate a third-party application with CASB, its account must meet certain requirements. To view the prerequisites and permissions for your application, refer to its [integration guide](/cloudflare-one/applications/scan-apps/casb-integrations/).
 
 ### Add an integration
 
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**.
 2. Select **Add integration**.
-3. Browse the available SaaS integrations and select the application you would like to add.
+3. Browse the available integrations and select the application you would like to add.
 4. Follow the step-by-step integration instructions in the UI.
 5. To run your first scan, select **Save integration**. You will be redirected to the [Findings page](/cloudflare-one/applications/scan-apps/manage-findings/) to see an in-depth listing of issues found.
 
@@ -30,11 +29,7 @@ You can resume application scanning at any time by turning on **Scan findings**.
 ### Delete an integration
 
 :::caution
-
-
 When you delete an integration, all keys and OAuth data will be deleted. This means you cannot restore a deleted integration or its scanned data.
-
-
 :::
 
 1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**.