Assess the Risk of Browser Extensions Installed in Your Browser. Add to Chrome.×
Home » Spin.AI Blog » A Deep Dive into New SpinOne Features
November 3, 2023 | Updated on: April 11, 2024 | Reading time 6 minutes

A Deep Dive into New SpinOne Features

Author:
Avatar photo

Vice President of Product

Our highly anticipated new SpinOne features are here! Stay ahead of the latest security threats and improve your SaaS Security Posture by identifying and mitigating risks in your SaaS environment with these new features – available for SpinOne customers today. Let’s take a closer look at what these new features mean for you and your organization.

The number of OAuth applications and browser extensions that your security teams manage is increasing constantly, making it increasingly difficult to get an understanding of insights and trends – and even more difficult to make agile decisions.

The new Apps Risk Heatmap is a powerful tool from SpinOne that helps you understand and manage risk from 3rd party applications and browser extensions. This heatmap is highly customizable, allowing you to specify risk and exposure factors to identify and prioritize high-risk applications and risk trends at a glance.

Head to the Risk Assessment Overview section from the left panel to uncover insights on all your applications.


The Risk Assessment Overview is broken down into 5 tabs:

  • Overview – a general summary of all applications and their breakdown, with insights on how many applications are medium or high risk, and even how many were installed in the past week
  • By Service – breakdown of the most impacted services within your SaaS application
  • By Permissions – visibility into scopes of permissions and insights into their risk level
  • By Category – common categories from installed applications and extensions
  • By Compliance – executive insights on applications and compliances they adhere to

Dive deeper into each tab to uncover insights and identify which applications and extensions are risky for your organization.

The Apps Risk Heatmap on the right hand corner is a configurable risk matrix showing Risk and Exposure. The Risk Trend on the bottom indicates number of High, Medium or Low risky applications that meet the defined factors.

Click on the Settings icon on the top right to configure factors.

For Risk and for Exposure, you will be able to configure and define what is Medium or High risk. To add a new factor, click on the + icon, select a factor and specify the risk you’re looking for.

Once you’ve configured all factors, click Save in order to immediately see the results on the heatmap. Click on each box to uncover applications that fall under that criteria.

Enhanced Posture Management controls: Manage and Share 

Proactively identify and remediate security misconfigurations by creating granular policies and receiving real-time alerts. 

Manage allows you to change the status of the control manually. There are two possible statuses that can be granted manually:

  • Risk Accepted – Control has not been implemented but imposed risk has been accepted
  • Alternative Resolution – Control has been fully implemented through alternative methods

To put controls on these statuses, customers must also specify their reasoning and add additional notes.

Share allows customers to share the control of Email, Jira & ServiceNow integration. This can help to delegate the control to different departments within the organization by creating a ticket for them, or can even act as a way to notify End Users of changes they need to make from their end.

Enhanced Misconfiguration Management

To receive alerts when statuses of controls have changed, or change the scope of specific controls, create a new Posture Policy.

In the Conditions section of the policy, specify the controls which you are changing the scope for.

In the Actions section of the policy, enable Detect Configuration Drift to monitor for controls with status changes. Select the notification channels you would want to receive notifications to and click Next step when you are done. 


On the Scope & Exceptions page, specify for which users and groups these controls should be monitored for.

NOTE: The control will be suppressed for all users that are not part of the Scope. If all groups are removed, then the control will be entirely Suppressed.


Once you’ve created the policy, ensure you have the right priority of policies configured. If needed, change the priority of your policies. Whichever policy is triggered first, will be the one that is activated.



More customizable alerts than ever before 

No matter which subscription you are on, or which SaaS applications you are protecting, notifications have never been more customizable with SpinOne. Configure notifications for each policy for each integration to meet your business requirements by specifying how Email, Slack, Teams, Jira, ServiceNow and other alerts should be sent.

Head to Security policies → Notification templates from the left panel of your SpinOne platform to get started.


In the Actions section of the policy, enable Detect Configuration Drift to monitor for controls with status changes. Select the notification channels you would want to receive notifications to and click Next step when you are done. 


On the Scope & Exceptions page, specify for which users and groups these controls should be monitored.

NOTE: The control will be suppressed for all users that are not part of the Scope. If all groups are removed, then the control will be entirely Suppressed.


Once you’ve created the policy, ensure you have the right priority of policies configured. If needed, change the priority of your policies. Whichever policy is triggered first will be the one that is activated.



Complete protection on one, unified platform

You need a streamlined, simple way to manage your SaaS workspaces to protect your SaaS data. These key updates give your SecOps team the power of customization and automation – replacing manual, time-wasting tasks with complete protection on one platform. 

Read more about our major Q3 Product Updates, visit our Knowledge Center, or reach out to us on live chat at spin.ai.

Was this helpful?

Thanks for your feedback!
Avatar photo

Written by

Vice President of Product at Spin.AI

Davit Asatryan is the Vice President of Product at Spin.AI

He is responsible for executing product strategy by overseeing the entire product lifecycle, with a focus on developing cutting-edge solutions to address the evolving landscape of cybersecurity threats.

He has been with the company for over 5 years and specializes in SaaS Security, helping organizations battle Shadow IT, ransomware, and data leak issues.

Prior to joining Spin.AI, Davit gained experience by working in fintech startups and also received his Bachelor’s degree from UC Berkeley. In his spare time, Davit enjoys traveling, playing soccer and tennis with his friends, and watching sports of any kind.


Featured Work:
Webinar:

How Can You Maximize SaaS Security Benefits?

Let's get started with a live demo

Latest blog posts

Why Google Drive Backups Are Important

Google Drive offers customers a unique blend of robust security features to keep their data...

Courtney Ostermann - Chief Marketing Officer Spin.AI

Chief Marketing Officer

Read more
SaaS backup and application governance

Evaluating the Best Backup Services: What to Look For and Popular O...

If you’re here right now you’ve probably realized how important it is to backup your...

Avatar photo

Product Manager

Read more

Brewing Trouble: How a Starbucks Ransomware Attack Poured Cold Wate...

Cybercriminals often carry out attacks around holidays as this helps to ensure the most amount...

Avatar photo

Vice President of Product

Read more