Risk & Compliance Management
-
- Set up and populate your SaaS stack
- Integrate your ERP & accounting software with Sastrify
- Discovery via SSO (Single Sign-On) discovery integrations
- Admin Setup Guide: Sastrify for Chrome Browser Extension
- End User Guide: Add & activate Sastrify for Chrome Browser Extension
- Setup Guide: Sastrify for Microsoft Edge Browser Extension
- Set renewal dates & reminders
- Assign and modify tool owners
- Upload your SaaS documents into Sastrify
- Sastrify App Support: Assistance at your fingertip
- Sastrify's commitment to security and privacy standards
- Getting started guide: Fast and easy way to self-onboard your Sastrify platform
-
- Google Workspace SSO integration for subscription discovery
- Enhance organizational SaaS management with HRIS Integrations
- Summary tab & Contract AI for storing your subscription details
- Use discovered page to detect new subscriptions
- Tools and Spend Importer: Easily upload and visualize data in Sastrify
- Align vendor names using the Tool Matching feature
- Add Sastrify App to your Slack workspace
- Manually add a new subscription on the go
- How to bulk upload your invoices
- Forward your SaaS documents via email
- Change notification preferences
- A quick glance at your stack using the overview page
- Manage activities and collaborate using custom tasks
- Task Automation: Streamline the creation of routine tasks
- Sunset or delete inactive subscriptions
-
- Get expert procurement support for new purchases and renewals
- Create procurement support using Sastrify - Jira Integration
- Scope of service: Custom benchmarking & contract review
- Scope of service: Negotiation & renewal support
- Scope of service: Custom SaaS Optimization Advisory
- Purchase your SaaS through the SastriMarket
- Control your cloud costs with SastriCloud
-
- Usage Analytics: Full visibility into usage and cost optimization
- Okta Discovery and Usage Analytics Integration Guide
- How to integrate Pleo with Sastrify
- Spend Import: Validate and fine-tune your imported spend data
- How to connect Microsoft Dynamics 365
- How to connect Netsuite
- How to connect Quickbooks
- Export spend data from Candis to Sastrify
- Export spend data from Spendesk to Sastrify
- Export spend data from Pleo to Sastrify
- Export spend data from Moss to Sastrify
- Export spend data from DATEV to Sastrify
- Export spend data from Ramp to Sastrify
-
- Configure and manage your authentication settings
- Understanding user roles and permissions
- Microsoft SSO Login Configuration Guide
- Okta SSO Login Configuration Guide
- JumpCloud SSO Login Configuration Guide
- Cisco Duo SSO Login Configuration Guide
- OneLogin SSO Login Configuration Guide
- Having trouble logging in?
-
- ERP & Accounting Integration FAQs
- Discovery via SSO Integration FAQs
- Browser Extension FAQs
- HRIS Integration FAQs
- Usage Analytics FAQs
- Contract AI & Subscription Details FAQs
- Tools and Spend Importer FAQs
- Invoices FAQs
- Achieved & Potential Savings FAQs
- Form component guide for Sastrify form builder
- What is SaaS and Sastrify's scope of work?
- Who can invite a new user?
- Who receives the renewal alerts or reminders?
- How does Sastrify work with currencies?
- Is the spend data from accounting export always up-to-date?
- How to work with benchmark prices
- When and how to involve Sastrify in a contract evaluation or negotiation?
- How does Sastrify interact with SaaS vendors?
- How do you handle confidentiality clauses in vendor contracts?
- Does Sastrify handle SaaS contract termination?
- Why is contract data essential for benchmarking and negotiation support?
Uncover shadow IT and assess risk factors using Sastrify Radar Print
Modified on: Mon, 2 Jun, 2025 at 4:15 PM
Sastrify's Shadow IT Radar helps IT and compliance teams detect, assess, and manage shadow IT. With automated risk scoring, it provides actionable insights to reduce compliance risks, enhance security, and improve operations. Using browser extensions, it identifies shadow IT assets, assigns risk scores, and enables actions like approval, sanctioning, or contacting users.
IN THIS ARTICLE
- Basic Functionality Requirements
- Accessing Shadow IT Radar and its Building Blocks
- 1. Overview Tab
- 2. Sanctioned Tab
- 3. Users Tab
- 4. Ignored Tab
Basic Functionality Requirements
To ensure optimal performance of Shadow IT Radar, complete all of the following steps:
- Connect to one of the HRIS integrations.
- Enable an admin setup of Sastrify browser extension from your Sastrify platform.
- Instruct your employees to add and activate their Sastrify browser extension.
- For Okta users, enable the Okta SSO discovery integration.
Accessing Shadow IT Radar and its Building Blocks
Sastrify Radar can be accessed from Risk Monitoring > Shadow IT Radar.
Within the interface of this feature, you'll find four building blocks as represented by the four tabs, each designed with a specific purpose in mind.
- Overview: Track all discovered tools with filtering by risk score and usage, take actions such as approval or sanction, and summarize shadow IT findings and user monitoring by risk and monitoring status. The discovery comes from the detection performed by the browser extension and the SSO discovery.
- Sanctioned: View sanctioned tools and notify users with reminders to ensure compliance.
- Users: View a breakdown of users or employees, along with information about the tools they are using and their risk scores, as well as a summary of monitored and unmonitored employees and how many of them are using shadow IT and unsanctioned tools.
- Ignored: Not every discovery requires action. In addition to approving or sanctioning tools, you can now choose to ignore those that are irrelevant.
The following sections offer an overview of each tab, along with the available actions in each.
1. Overview Tab
- Display all tools and products discovered through browser extensions and SSO discovery integrations. These tools are not yet part of your existing tool stack.
- Use our matching algorithm to cross-reference tools and products with Sastrify's extensive SaaS product catalog. This ensures consistent and accurate naming across all discoveries. Any unmatched items can be manually matched using the fields on each line item, which gives you full control over shadow IT discoveries.
- Receive a risk assessment score for each of the detected tools. The detailed scoring breakdown can be viewed by clicking the expand buttons.
- Allow filtering and sorting by risk level, date, usage frequency, and category.
- Take actions such as approving or sanctioning tools.
- Approving will move the tools from this page to the Tool Stack page.
- Sanctioning will move the tools from this page to the Sanctioned tab.
- Ignoring will move the tools from this page to the Ignored tab.
- Provide a summary of total tools categorized by risk level and sanction status.
- Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Pro Tip: Approving, sanctioning, or ignoring can be performed on an individual basis or in bulk by selecting them and clicking the appropriate button in the lower right corner of the page.Each line item can be expanded by clicking the expand button to view a detailed score breakdown. Scores are generated automatically by a built-in AI agent that analyzes publicly available information on vendors and products.
We categorize scores into three risk levels:
- Low Risk (0-35): Minimal risk with no significant threats to security or operations.
- Medium Risk (36-64): Moderate risk with potential issues that should be addressed.
- High Risk (65-100): Significant risk requiring immediate action to mitigate security and operational threats.
For more detailed risk score evaluation criteria, click here.
2. Sanctioned Tab
This tab contains tools that have previously been marked as sanctioned. Within this tab, you can perform the following actions:
- View sanctioned tools.
- Allow filtering and sorting by name, category, and status.
- Perform later approvals when specific sanctioned tools are approved for organizational use, either on an individual basis or in bulk.
- Notify users who are using or are associated with certain tools and send reminders to ensure compliance.
When the "Notify Users" button is clicked, the Sastrify admin can send an email notification to users or employees using the sanctioned tool.
Tips: You can approve or notify multiple tools at once by selecting them and clicking the appropriate button in the lower right corner of the page.
3. Users Tab
Provide a breakdown of monitored and unmonitored users, showing which users have the Sastrify browser extension enabled and which have not.
Provide a summary of shadow IT users in your organization and those using sanctioned tools.
Get a detailed breakdown at the employee level, including tools used and tools sanctioned per employee.
- Allow filtering and sorting by name, used tools, sanctioned tools, and status.
- Use the notification function to:
- Contact shadow IT users to address unauthorized tool usage.
- Remind sanctioned tool users to discontinue use.
- Notify unmonitored users to add and activate the browser extension.
4. Ignored Tab
This tab contains tools that have previously been marked as ignored. Within this tab, you can perform the following actions:
- View ignored tools.
- Use our matching algorithm to cross-reference tools and products with Sastrify's extensive SaaS product catalog. This ensures consistent and accurate naming across all discoveries. Any unmatched items can be manually matched using the fields on each line item, which gives you full control over shadow IT discoveries.
- Allow filtering and sorting by name, category, and status.
- Perform later approvals or sanctions either on an individual basis or in bulk.
Tips: You can approve or sanction multiple tools at once by selecting them and clicking the appropriate button in the lower right corner of the page.
Did you find it helpful? Yes No
Send feedback