Release 1.8

November 25, 2022

Here’s what’s new in SaaS Detection and Response 1.8.0!

What’s New?

New Improvement in GSuite Connector for Deleted Users

With this release, SaaSDR deletes the Users from Directory tab if they are being deleted from the Gsuite subscription. The user details that were displayed on the Users tab and the respective invalid document scanner in Connector tab are now correctly displayed.

Improvements

Microsoft Office365 Connector

• Microsoft has deprecated the MSOnline module. Hence, with this release, we have replaced the respective module with graph API.
• Now, PowerShell version 4 is used in all the Unix scripts for PowerShell installation and upgrade.

Upgrade steps for Microsoft Office365 connector

Perform the following steps to upgrade the existing Microsoft Office365 connector to leverage the improvements introduced in SaaSDR 1.8.0:

1. Log in to Qualys Cloud Platform and navigate to Saas Detection and Response.
2. Download qualys_azure_setup.zip and extract it to a local folder.
   1. Go to the Configuration tab, click Create Connector and select Office365 from the list.
   2. In the right pane, click the link for detailed setup instructions.
      

      A documentation page appears with instructions.

3. Go to the Create Azure Resources section and download the qualys_azure_setup.zip using the link.
   
4. On the Bash terminal (Cygwin), run the upgrade script using: qualys_azure_upgrade. For example, sh qualys_azure_upgrade.sh.

Note: To run the script,

• You need the following permissions:
  • Global Reader
  • Compliance Admin
  • Teams Administrator
  • Privileged Role Administrator
• You must have MFA disabled. This is required because not all PowerShell modules support alternate/modern ways of authentication.
   

Post-upgrade steps for Office365 connector

1. Go to SaaS Detection and Response > Configuration.
2. Select the Office365 connector, click Actions > Re-authenticate, and wait until all the scanners and the connector are in the Success state.
   

3. Go to Policy tab and re-evaluate all the system-defined Office365 policies.
   1. In the Policy tab, click a policy.
   2. On the Policy Details page, select a connector and click Actions > Re-evaluate.
      

Remove Additional OAuth Scopes for Salesforce Connector

With SaaSDR 1.8.0, only the following two scopes are now required for the Salesforce OAuth app:

• Manage user data via apis (api)
• Perform request at anytime (refresh_token, offline_access)

Post-upgrade steps for Salesforce connector

Perform the following steps to remove the additional scopes from the OAuth app in Salesforce:

1. Log in to your Salesforce account.

2. Go to Manage Connected Apps section and know your OAuth app.

   

3. Go to App Manager > View App > Edit and select the OAuth app used for connector creation.
4. Remove the additional scopes and click Save.
   

5. Go to Saas Detection and Response > Configuration.

6. Select the Salesforce connector and click Actions > re-authenticate.