icon-unified.svg
Experience Center

Security Policy Audit Report

The Security Policy Audit Report allows you to view your Security Policy settings and improve them by following best practices guidelines.

You can view the report in the Admin Portal by going to Analytics > Internet & SaaS > Analytics > Security Policy Audit Report.

Report Sections

The report has three main sections:

  • This section includes:

    • SSL Inspection: This includes the percentage of encrypted traffic that is being inspected, the Revoked Server certificate, and the Untrusted SSL Server certificate.
    • Inbound/Outbound: Inspected inbound and outbound traffic.
    • Protocol Inspection: This includes the following protocols:
      • Inspect HTTP
      • Inspect FTP over HTTP
      • Inspect FTP
      • Inspect Tunneled HTTP

    Close

  • This section includes:

    • Malware: Types of malware include:
      • Viruses
      • Unwanted applications
      • Trojans
      • Worms
      • Adware
      • Spyware
    • Advanced Threats: Types of Advanced Threats include:
      • PageRisk
      • Botnet
      • Malicious Active Content protection
      • Fraud protection
      • Unauthorized Communication protection
      • XSS
      • Suspicious destination
    • Browser Control: This includes checks and Allow All Browsers. It's recommended to enable Checks & User Notifications and to block older browsers.

    The Browser Vulnerability Protection section is only applicable when you are using browser-based authentication.

    • Cloud Sandbox: This includes Sandbox policies 1 through 4.

    Close

  • This section includes SSL exceptions and Malware/Advanced Threats exceptions.

    Close

Report Grading

The possible grades you can receive are A, B, C, or N/A, with C being the lowest. Your grade is impacted if you don't comply with the best practice guidelines. If you don't have a subscription for a certain area (e.g. Sandbox), then any non-compliance in that area won't impact your grade.

If you don't follow the best practice settings for the following areas and policies, your grade for non-compliance will be a C:

  • AreaPolicyBest Practice Setting
    Malware Protection: Traffic InspectionInspect Inbound TrafficEnabled
    Malware Protection: Traffic InspectionInspect Outbound TrafficEnabled
    Malware Protection: Protocol InspectionInspect HTTPEnabled
    Advanced Threats: BotnetCommand & Control ServersBlock
    Advanced Threats: BotnetCommand & Control TrafficBlock
    Advanced Threats: Malicious Active ContentMalicious Content & SitesBlock
    Advanced Threats: Fraud ProtectionKnown Phishing SitesBlock
    Advanced Threats: Fraud ProtectionSuspected Phishing SitesBlock
    SandboxKnown malicious files from any URL category of any file typeAction = Block
    ALL FILE TYPES
    ALL URL CATS
    SandboxAll other file type and URL category combinationsFirst Time Action = Allow and Scan
    Close

If you don't follow the best practice settings for all other areas, your grade for non-compliance will be a B.

Related Articles
About Cybersecurity InsightsAbout Interactive ReportsAbout Industry Peer ComparisonAbout the System Audit ReportAbout the Sandbox Activity ReportScheduling the Sandbox Activity Report Weekly EmailAbout the Sandbox Files Found Malicious ReportScheduling the Sandbox Files Found Malicious Report Weekly EmailCIPA Compliance ReportAbout the Company Risk Score ReportAbout the User Risk ReportCompany Summary Report (CIO Report)Company Summary Report (CSO Report)Security Policy Audit ReportExecutive Insights ReportAbout SaaS Assets Summary ReportViewing Internet & SaaS Quarterly Business Review ReportsAbout Configuration Risk ReportAbout the Data Discovery ReportViewing Data Discovery DetailsAbout the IoT Discovery ReportAbout Discovered DevicesProviding Feedback on IoT Device ClassificationsAbout Scheduled ReportsScheduling ReportsCreating or Copying a ReportExcluding Locations in User-Related ReportsExporting and Importing ReportsPrinting ReportsAbout Endpoint DLP ReportAbout Endpoint DLP Report: IncidentsAbout the Email Security ReportAbout Email Security Report: IncidentsAbout the Gen AI Security ReportAbout the Instance Discovery ReportViewing the Resource Discovery Report