Enable Policy for Connector

You can run policies and benchmarks defined for your SaaS application. The controls are validated and the pass or fail status is displayed. Currently,

For Google Workspace: Best practices is supported

For Zoom: CIS Benchmark is supported

For Salesforce: Best Practices is supported

For MS O365: CIS Benchmark and Microsoft Office 365 Best Practices is supported

Navigate to Policy tab to view all the policies provided by Qualys. From here, you can also enable or disable the policy for a connector.

policies_sdr

Click on the policy to open it in the View Mode and navigate to the Connectors tab. Select a connector and from the Actions menu, enable or disable the policy for this connector.

enable the policy for selected connector

The Controls tab lists all controls with their details such as SaaS, criticality, etc. Click on any control to view details specific to that control.

control details

Once a policy is enabled for a connector, you can view your compliance posture in the Monitor tab.

Note: For the following controls to be evaluated in SaaSDR accurately, make sure the "Apps that don't use modern authentication" setting is enabled in Microsoft 365 Admin Center > SharePoint > Policies > Access Control:

70123, 70124, 70125, 70105, 70100, 70095

Note: You must have a Microsoft 365 E5 license to evaluate the following 4 controls:

70098, 70099, 70112, 70113