探索到的應用程式篩選與查詢Discovered app filters and queries

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

當您有大量探索到的應用程式時,您會發現篩選和查詢這些應用程式會很有幫助。When you have a large number of discovered apps, you'll find it useful to filter and query them. 本文描述哪些篩選可供使用,以及如何查詢您探索到的應用程式。This article describes what filters are available and how to query your discovered apps.

探索到的應用程式篩選Discovered app filters

探索到的應用程式篩選分為基本和進階。There are basic and advanced Discovered app filters. 若要取得複雜的篩選 (如以上範例所示),請使用包括下列所有篩選的進階選項:To achieve a complex filter (such as in the example above) use the advanced option, which includes all of the following filters:

探索到的應用程式

  • 應用程式標籤:選擇應用程式為獲批准、待批准或未標記。App tag: Select whether the app was sanctioned or unsanctioned or not tagged. 此外,您可以為應用程式建立自訂標籤,然後使用此標籤來篩選特定應用程式類型。Additionally, you can create a custom tag for your app and then use it to filter for specific types of apps.
  • 應用程式與網域:可讓您搜尋特定應用程式或用於特定網域的應用程式。Apps and domains: Enables you to search for specific apps or apps used in specific domains.
  • 類別:類別篩選位於頁面左邊,可讓您根據應用程式類別搜尋不同類型的應用程式。Categories: The categories filter, located on the left of the page, enables you to search for types of apps according to app categories. 類別範例包括社交網路應用程式、雲端儲存體應用程式和託管服務。Example categories include social network apps, cloud storage apps, and hosting services. 您可以一次選取多個類別或單一類別,然後將基本和進階篩選套用至其上。You can select multiple categories at a time, or a single category, then apply the basic and advanced filters on top.
  • 合規性風險因素:可讓您搜尋應用程式可能符合的特定標準、認證與規範 (HIPAA、ISO 27001、SOC 2、PCI-DSS 等)。Compliance risk factor: Lets you search for a specific standards, certification, and compliance that the app may comply with (HIPAA, ISO 27001, SOC 2, PCI-DSS, and more.).
  • 一般風險因素:可讓您搜尋一般風險因素,例如消費者歡迎程度、資料中心地區設定等。General risk factor: Lets you search for general risk factors such as consumer popularity, data center locale, and more.
  • 風險分數:可讓您依風險分數篩選應用程式,以便專注在只檢閱高風險的應用程式。Risk score: Lets you filter apps by risk score so that you can focus on, for example, reviewing only highly risky apps. 您也可以覆寫 Cloud App Security 所設定的風險分數。You can also override the risk score set by Cloud App Security. 如需詳細資訊,請參閱使用風險分數For more information, see Working with the risk score.
  • 安全性風險因素:可讓您根據特定安全措施 (例如待用資料加密、多重要素驗證等) 進行篩選。Security risk factor: Enables you to filter based on specific security measures (such as Encryption at rest, multi-factor authentication, etc.).
  • 使用量:可讓您根據此應用程式的使用量統計資料進行篩選。Usage: Lets you filter based on the usage statistics of this app. 使用量可來自具有小於或大於指定資料上傳數目的應用程式,以及具有大於或小於指定使用者數目的應用程式。Usage such as apps with less than or more than a specified number of data uploads, apps with more than or less than a specified number of Users.
  • 法務風險因素:可讓您根據所有適用法規與原則進行篩選,以確保應用程式使用者的資料保護與隱私權。Legal risk factor: Lets you filter based on all the regulations and policies that are in-place to ensure data protection and privacy of the app's users. 範例包括符合 GDPR 規範的雲端應用程式、DMCA 與資料保留原則。Examples include GDPR ready cloud apps, DMCA, and data retention policy.

建立及管理自訂應用程式標籤Creating and managing custom app tags

您可以建立自訂應用程式標籤。You can create a custom app tag. 接著可以使用這些標籤作為篩選,以深入探討您想要調查的特定應用程式類型。These tags can then be used as filters for deeper diving into specific types of apps that you want to investigate. 例如,自訂監看清單、指派給特定的業務單位或自訂核准,例如「合法核准」。For example, custom watch list, assignment to a specific business unit, or custom approvals, such as "approved by legal". 應用程式標籤也可用於篩選器中的應用程式探索原則,或將標記套用至應用程式,做為原則治理動作的一部分。App tags can be also used in app discovery policies in filters or by applying tags to apps as part of the policy governance actions.

建立自訂應用程式標籤:To create a custom app tag:

  1. 從 [ 設定 ] 齒輪中,選取 [ Cloud Discovery 設定],然後選取 [ 應用程式 標籤] 索引標籤。按一下加號圖示。From the Settings cog, select Cloud Discovery settings, then the App tags tab. Click the plus icon. 加號圖示plus icon

    建立自訂應用程式標籤

  2. 您可以使用 [應用程式標籤]**** 資料表,檢視每個應用程式標籤目前標記的應用程式,而且您可以刪除未使用的應用程式標籤。You can use the App tags table to view which apps are currently tagged with each app tag and you can delete unused app tags.

  3. 若要套用應用程式標籤,請在 [探索到的應用程式]**** 索引標籤中,按一下應用程式名稱最右側的三個點。To apply an app tag, in the Discovered apps tab, click on the three dots at the far right of the app name. 選取要套用的應用程式標籤。Select the app tag to apply.

注意

您也可以直接在 [探索到的應用程式]**** 資料表中建立新的應用程式標籤,方法是在選取任何所選應用程式右側的三個點之後,按一下 [Create app tag](建立應用程式標籤)****。You can also create a new app tag directly in the Discovered apps table by clicking Create app tag after selecting the three dots to the right of any selected app. 當您從探索到的應用程式建立標籤時,您可以將它套用至應用程式。When you create the tag from the discovered app, you can apply it to the app. 您也可以按一下角落的 [管理標籤]**** 連結,來存取 [應用程式標籤]**** 畫面。You can also access the App tags screen by clicking the Manage tags link in the corner. 從應用程式建立自訂應用程式標籤create custom app tag from app

探索到的應用程式查詢Discovered app queries

若要更輕鬆地進行調查,您可以建立自訂查詢,並加以儲存以供稍後使用。To make an investigation even simpler, you can create custom queries and save them for later use.

  1. 如有需要,在 [探索到的應用程式]**** 頁面中,使用上文描述的篩選向下鑽研至您的應用程式。In the Discovered apps page, use the filters as described above to drill down into your apps as necessary.

  2. 得到所要的結果之後,請按一下篩選右上角的 [另存新檔]**** 按鈕。After you've achieved the wanted results, click the Save as button in the top right corner of the filters.

  3. 在 [ 儲存查詢 ] 快顯視窗中,為您的查詢命名。In the Save query pop-up, name your query.

    新增查詢

  4. 日後若要再次使用這項查詢,請在 [查詢]**** 下向下捲動至 [儲存查詢]****,並選取您的查詢。To use this query again in the future, under Queries, scroll down to Saved queries and select your query.

    開啟查詢

Cloud App Security 也會提供您建議的查詢,讓您儲存經常使用的自訂查詢。Cloud App Security also provides you with Suggested queries and enables you to save custom queries you frequently use. 建議的查詢提供調查途徑建議,使用下列選用建議查詢篩選探索到的應用程式:Suggested queries provide you with recommended avenues of investigation that filter your discovered apps by using the following optional suggested queries:

  • 允許匿名使用的雲端應用程式 - 篩選所有探索到的應用程式,只顯示有安全性風險的應用程式,因為它們不需要使用者驗證,而且允許使用者上傳資料。Cloud apps that allow anonymous use - filters all your discovered apps to display only apps that are security risks because they don't require user authentication and allow users to upload data.

  • CSA STAR 認證的雲端應用程式 -篩選您所有探索到的應用程式,只顯示具有 CSA STAR 認證的應用程式,不論是自我評量、認證、證明或持續監視。Cloud apps that are CSA STAR certified - filters all your discovered apps to display only apps that have CSA STAR certification either by self-assessment, certification, attestation, or continuous monitoring.

  • 符合 FedRAMP 規範的雲端應用程式 -篩選所有探索到的應用程式,只顯示 FedRAMP 合規性風險因素為高、中或低的應用程式。Cloud apps that are FedRAMP compliant - filters all your discovered apps to display only apps whose FedRAMP compliance risk factor is high, medium, or low.

  • 擁有使用者資料的雲端儲存體和共同作業應用程式 - 篩選所有探索到的應用程式,只顯示有風險的應用程式,因為它們不允許您有自己資料的擁有權,但它們卻要保留您的資料。Cloud storage and collaboration apps that own user data - filters all your discovered apps to display only apps that are risky because they don't allow you to have ownership over your data but they do retain your data.

  • 風險且不符合規範的雲端儲存體應用程式-篩選您所有探索到的應用程式,只顯示不符合 SOC 2 或 HIPAA 規範的應用程式,這些應用程式不支援 PCI DSS 版本,而且其風險分數為5或更低。Cloud storage apps that are risky and non-compliant - filters all your discovered apps to display only apps in which they aren't SOC 2 or HIPAA compliant, they don't support PCI DSS version and they have a risk score of 5 or lower.

  • 具有弱式驗證的企業雲端應用程式 -篩選所有探索到的應用程式,只顯示不支援 SAML 的應用程式、沒有密碼原則,而且不啟用 MFA。Enterprise cloud apps that have weak authentication - filters all your discovered apps to display only apps that don't support SAML, have no password policy, and don't enable MFA.

  • 具有弱式加密的企業雲端應用程式 - 篩選所有探索到的應用程式,只顯示有風險的應用程式,因為它們不會加密待用資料,而且不支援任何加密通訊協定。Enterprise cloud apps that have weak encryption - filters all your discovered apps to display only apps that are risky because they don't encrypt data-at-rest and don't support any encryption protocol.

  • GDPR 就緒雲端應用程式 - 篩選您探索到的所有應用程式,只顯示 GDPR 就緒的應用程式。GDPR ready cloud apps - Filters all your discovered apps to display only apps that are GDPR ready. 由於 GDPR 合規性是最高的優先順序,因此此查詢可協助您輕鬆地找出已 GDPR 就緒的應用程式,並藉由評估非的風險來減輕威脅。Because GDPR compliance is a top priority, this query helps you easily identify apps that are GDPR ready and mitigate threat by assessing the risk of those that aren't.

查詢探索到的應用程式

此外,您也可以使用建議的查詢開始新的查詢。Additionally, you can use the suggested queries as a starting point for a new query. 首先,選取其中一個建議的查詢。First, select one of the suggested queries. 然後,視需要進行變更,最後按一下 [另存新檔]**** 建立新的 [已儲存的查詢]****。Then, make changes as needed and finally click Save as to create a new Saved query.

後續步驟Next steps