icon-zia.svg
Secure Internet and SaaS Access (ZIA)

About the Assets Report

The Assets Report shows you the current state of your files, email messages, and objects. It also allows you to see the activity for any particular file, email message, or object all in one place.

The Assets Report provides the following benefits and enables you to:

  • Gain visibility into your SaaS assets for various risk factors based on the application category.
  • Analyze the report for application-specific vulnerabilities to configure stronger policies to mitigate threats.

About the Assets Report Page

On the Assets Report page (Analytics > SaaS Security > Assets), you can do the following:

  1. Select an Application Category to view the report for that category.
  2. Select to view the scans for a particular time frame. You can choose to view scans for the current day, the current week, the last 24 hours, the last 7 days, or customize up to the last 90 days.
  3. Click Apply to update the page with your selections. You can click Reset at any time.
This image shows the filter options in the SaaS Assets Report - Gen AI Category

After you apply the preceding actions, a generated report appears for the application category you selected:

  • The following sections appear in your generated report for collaboration applications (Slack, Webex Teams, and Microsoft Teams):

    1. The number of Messages with Incidents Matching A Rule, Messages with DLP Violation, Messages with Malware, and Externally Sent Messages with DLP Violation.
    2. The applications along with their number of Messages with Incidents Matching A Rule, Messages with DLP Violation, Messages with Malware, and Externally Sent Messages with DLP Violation.
    3. The Messages per Tenant section breaks down the individual tenants with those objects. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.
    4. The Content Locations with Violations section shows which locations have violations. Use the All Tenants dropdown to select which tenant you'd like to view. Each location listed has the following columns:
      • Content Location: The location of the content.
      • Tenant: The name of the tenant.
      • Collaboration Scope: The collaboration scope and permissions for SaaS application tenant files (e.g., Edit).
      • Violations: The number of violations. You can sort this column. You can click on the number to further analyze the violations; you are redirected to the SaaS Security Insights Logs page. The number of violations listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans. You can sort this column.
      • Malware Detection: The amount of malware detected. You can sort this column. You can click on the number to further analyze the malware detected; you are redirected to the SaaS Security Insights Logs page. The number of malware detected listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans. You can sort this column.

    Close

  • The following sections appear in your generated report for CRM applications (Salesforce and Dynamic 365):

    1. The number of Objects with Incidents Matching A Rule, Objects with DLP Violation, Objects with Malware, and Externally Sent Objects with DLP Violation.
    2. The applications, along with their number of Objects with Incidents Matching A Rule, Objects with DLP Violation, Objects with Malware, and Externally Sent Objects with DLP Violation.
    3. The Objects per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.
    4. The Entities with Violation section shows which repositories have violations. Each repository listed has the following columns:
      • Object Type: The type of object (e.g., report, campaign, dashboard).
      • Violations: The number of violations. You can sort this column. You can click on the number to further analyze the violations; you are redirected to the SaaS Security Insights Logs page. The number of violations listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans.
      • Malware Detection: The amount of malware detected. You can sort this column. You can click on the number to further analyze the malware detected; you are redirected to the SaaS Security Insights Logs page. The number of malware detected listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans.

    Close

  • The following sections appear in your generated report for email applications (Exchange and Gmail):

    1. The number of Email Messages with Incidents Matching A Rule, Email Messages with DLP Violation, Email Messages with Malware, and Externally Sent Email Messages with DLP Violation.
    2. The applications along with their number of Email Messages with Incidents Matching A Rule, Email Messages with DLP Violation, Email Messages with Malware, and Externally Sent Email Messages with DLP Violation.
    3. The Files per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

    Close

  • The following sections appear in your generated report for file sharing applications (Box, Confluence, OneDrive, ShareFile, SharePoint, Dropbox, Smartsheet, and Google Drive):

    1. The number of Files with Incidents Matching A Rule, Files with DLP Violation, Files with Malware, and Externally Shared Files with DLP Violation.
    2. The applications, along with their number of Files with Incidents Matching A Rule, Files with DLP Violation, Files with Malware, and Externally Shared Files with DLP Violation.
    3. The Files per Tenant section breaks down the individual tenants with those files. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

    Close

  • The following sections appear in your generated report for Gen AI applications (ChatGPT):

    1. The number of Messages with Incidents Matching A Rule, Messages with DLP Violation, and Messages with Malware.
    2. The option to Expand All or Collapse All sections.
    3. The applications along with their number of Messages with Incidents Matching A Rule, Messages with DLP Violation, and Messages with Malware.
    4. The Messages per Tenant section breaks down the individual tenants with those messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

    Close

  • The following sections appear in your generated report for ITSM applications (Jira Software and ServiceNow):

    1. The number of Objects with Incidents Matching A Rule, Objects with DLP Violation, Objects with Malware, and Externally Sent Objects with DLP Violation.
    2. The option to Expand All or Collapse All sections.
    3. The applications, along with their number of Objects with Incidents Matching A Rule, Objects with DLP Violation, Objects with Malware, and Externally Sent Objects with DLP Violation.
    4. The Objects per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.
    5. The Now Entities with Violation section shows which repositories have violations. Each repository listed has the following columns:
      • Object Type: The type of object (e.g., report, campaign, dashboard).
      • Violations: The number of violations. You can sort this column. You can click on the number to further analyze the violations; you are redirected to the SaaS Security Insights Logs page. The number of violations listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans.
      • Malware Detection: The amount of malware detected. You can sort this column. You can click on the number to further analyze the malware detected; you are redirected to the SaaS Security Insights Logs page. The number of malware detected listed in the column is for current scan results, whereas the SaaS Security Insights Logs page shows you all scans.

    Close

  • To enable Amazon S3, Google Cloud Platform, and Microsoft Azure for your organization, contact your Zscaler Account team.

    The following section appears in your generated report for public cloud storage applications:

    • Total Number of Object Storages
    • Exposure
    • Object Storages Without Tags
    • Number of Objects with Incidents

    The following information appears in your generated report depending on the public cloud storage application:

      • Storage Buckets: The following columns appear under this tab:
        • Bucket Name: The name of the bucket. When you click on a bucket name, the Bucket Details window appears with the following information about that specific bucket:
          • General Info: The general information of the bucket (e.g., region, bucket type, bucket owner, etc.).
          • Exposure: The type of exposure, the bucket policy, and the bucket access control list (ACL) which shows the AWS accounts or groups with access to the bucket and their permission type.

      • Exposure: The type of exposure for the bucket (i.e., public, private, external, or internal).
      • Tags: The tag sets assigned to the bucket.
      • Files: The number of files in the bucket.

      • Files: The following sections appear under this tab:
        • The number of Objects with Incidents Matching A Rule, Objects with DLP Violation, and Objects with Malware for the application.
        • The Objects per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

      Close
      • Blob Containers: The following columns appear under this tab:
        • Container Name: The name of the container. When you click on a container name, the Blob Container Details window appears with the following information about that specific container:
          • Storage Account Properties: The properties of the container (e.g., resource group, location, subscription, etc.).
          • Overview: The overview of the container (e.g., name, lease state, URL, etc.).
          • Exposure: The type of exposure and permissions, which shows the accounts or groups with access to the container, their start date, end date, and permission type.

      • Exposure: The type of exposure for the container (i.e., public, private, external, or internal).
      • Tags: The tag sets assigned to the container.
      • Files: The number of files in the container.

      • Blobs: The following sections appear under this tab:
        • The applications, along with their number of Objects with Incidents Matching A Rule, Objects with DLP Violation, and Objects with Malware for the application
        • The Objects per Tenant section breaks down the individual tenants. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

      Close
      • Storage Buckets: The following columns appear under this tab:
        • Bucket Name: The name of the bucket. When you click on a bucket name, the Bucket Details window appears with the following information about that specific bucket:
          • Overview: The overview of the bucket (e.g., cloud console URL, permissions, location, etc.).
          • Exposure: The type of exposure, the bucket policy, and permissions, which shows the name and role.

      • Exposure: The type of exposure for the bucket (i.e., public, private, external, or internal).
      • Tags: The tag sets assigned to the bucket.
      • Files: The number of files in the bucket.

      • Files: The following sections appear under this tab:
        • The number of Objects with Incidents Matching A Rule, Objects with DLP Violation, and Objects with Malware for the application.
        • The Objects per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

      Close
    Close

  • The following sections appear in your generated report for source code repository applications (GitLab, Bitbucket, and GitHub):

    1. The Total Number of Scanned Repositories, Exposure (Private or Public), Repositories without Tags, and Number of Objects with Incidents (DLP Violation and Malware).
    2. Scanned Repositories: The information about all the scanned repositories. The following columns appear under this tab:
      • Repository Name: The name of the repository. When you click on a repository name, the Repository Details window appears with the following information about that specific repository:
        • Overview: The overview of the repository (e.g., date created, modified, admin, its size, tags, etc.).
        • Access Policy: The type of exposure.

    • Exposure: The type of exposure for the repository (public or private).
    • Tags: The tag sets assigned to the repository.
    • Files: The number of files in the repository.
    1. Unscanned Repositories: The information about all the unscanned repositories. The following columns appear under this tab:
      • Repository Name: The name of the repository. When you click on a repository name, the Repository Details window appears with the following information about that specific repository:
        • Overview: The overview of the repository (e.g., date created, modified, admin, its size, tags, etc.).
        • Access Policy: The type of exposure.

    • Exposure: The type of exposure for the repository (public or private).
    • Tags: The tag sets assigned to the repository.
    • Files: The number of files in the repository.
    1. The Files tab shows the number of Objects with Incidents Matching a Rule, Objects with DLP Violation, Objects with Malware, and Externally Sent Objects with DLP Violation.
    2. The Objects per Tenant section breaks down the individual tenants with those email messages. You can click on a tenant to further analyze it; you are redirected to the Assets with Incidents page.

    Close

3rd-Party Integrations

The 3rd-Party Integrations tab shows Zscaler 3rd-Party App Governance data about the integrations associated with an application across your corporate SaaS platforms. For example, integrations with the OneDrive application indicate potential third-party access to your organization's Google Workspace account. The following applications support the tab:

  • Collaboration Applications (Slack, Microsoft Teams)
  • File Sharing Applications (OneDrive, SharePoint, Google Drive)
  • Email Applications (Exchange, Gmail)
  • CRM Applications (Salesforce and Dynamic 365)

On the 3rd-Party Integrations tab, you can view:

  • Total Integrations: The total number of integrations associated with the application (e.g., Google Drive) across your configured tenants.
  • Potentially Harmful / Vulnerable: The number of integrations that are potentially harmful or vulnerable.
  • Dormant: The number of integrations that are dormant (i.e., abandoned, inactive, or not maintained).
  • Overprivileged: The number of integrations with excessive or underused permissions.

As shown in the following image, you can click the link to see more in the 3rd-Party App Governance Admin Portal. To see more information, you must be a ZIA super admin and your organization must be subscribed to 3rd-Party App Governance. To obtain a subscription, contact Zscaler Support.

Related Articles
About the Shadow IT ReportAbout the Application InformationAbout the Assets ReportUnderstanding the Assets Report: Assets with IncidentsAbout the Activities ReportAbout Posture Management ReportAbout the 3rd-Party App Governance Report