Fortinet black logo

Administration Guide

Shadow IT

Shadow IT

Shadow IT includes the following widgets:

Personal Accounts with Cloud Access

Displays personal accounts with cloud access.

Personal Accounts with File Access

Displays personal accounts users with file access.

Unsanctioned Cloud Service

Displays unsanctioned cloud services.

File exfiltration detection

Displays file exfiltration detections.

Configuration requirements

In order for FortiAnalyzer to be able to correlate data from FortiGate and FortiCASB and generate the log data used in the Shadow IT monitor, an administrator must configure the FortiCASB connector on FortiAnalyzer in Fabric View. See Creating or editing Security Fabric connectors.

To retrieve cloud applications, users, and sensitive file information from FortiCASB on demand, an administrator must also configure a FortiAnalyzer playbook in FortiSOC with the Get Cloud Data action using the FortiCASB connector. See Playbooks.

Shadow IT

Shadow IT includes the following widgets:

Personal Accounts with Cloud Access

Displays personal accounts with cloud access.

Personal Accounts with File Access

Displays personal accounts users with file access.

Unsanctioned Cloud Service

Displays unsanctioned cloud services.

File exfiltration detection

Displays file exfiltration detections.

Configuration requirements

In order for FortiAnalyzer to be able to correlate data from FortiGate and FortiCASB and generate the log data used in the Shadow IT monitor, an administrator must configure the FortiCASB connector on FortiAnalyzer in Fabric View. See Creating or editing Security Fabric connectors.

To retrieve cloud applications, users, and sensitive file information from FortiCASB on demand, an administrator must also configure a FortiAnalyzer playbook in FortiSOC with the Get Cloud Data action using the FortiCASB connector. See Playbooks.