The SpinOne platform provide All-in-One SaaS Security for mission-critical applications such as Google Workspace, Microsoft 365, Salesforce and Slack. On top of protecting the ecosystem around the SaaS application, SpinOne also helps customers improve their Security Posture by monitoring for configurations and controls of that SaaS application.
Available for customers on the SpinSPM and SpinOne subscriptions for Google Workspace and Microsoft 365.
Head to the Posture Management section from the left panel of your SpinOne platform to learn more.
You'll immediately notice 4 sections that make up the Posture Management dashboard.
Posture Score
Posture score calculates the number of points achieved based on the configurations completed successfully. Each control that has been completed successfully will add the corresponding number of points to the total, increasing the overall Posture Score. Points can also be achieved from controls in status Pass, Alternative Resolution and Partial Pass.
Customers should aim to have as high of a Posture Score as possible. However, since every organization has different security requirements to support unique business operations, a Posture Score benchmark is provided based on various industries and company sizes (or user count). This feature can be accessed by selecting the “Compare to others” link. These benchmark scores are regularly maintained and derived from IT and cybersecurity professionals using Posture Management to protect their environments.
Posture Breakdown
There are a few statuses that a control may have, see the explanation of the statuses below:
- Pass - Control has been fully implemented
- Partial Pass - Control has been implemented partially
- Alternative Resolution - Control has been fully implemented through alternative methods
- Risk Accepted - Control has not been implemented but imposed risk has been accepted
- To Address - Control has not been implemented at all
- Suppressed - Control has been marked as an exception and is not implemented
Controls completed takes into consideration controls in status Pass, Alternative Resolution and Risk Accepted. Controls in status Suppressed are not counted as a part of all controls.
NOTE: Controls in status Risk Accepted do not add points achieved.
Customers should always work on completing all controls in order to have an accurate Posture Score & Breakdown.
History
To show the trend of the SaaS application's posture, you can choose to see a 7/14/30 day Posture Score History and specify whether to see the history for controls in all severities - or specific ones.
Outstanding Controls
This widget will prioritize controls that have not been completed based on their severity. High priority controls that are not completed will be shown first.