SaaS Discovery in APM
Automatically identify all your SaaS services and connect them to your APM workspace
What is SaaS Discovery?
LeanIX SaaS Management Platform (SMP) provides Integrations with key enterprise systems (incl. SSO, CASB, expense management, and financial management) and SaaS vendors to discover and track all your SaaS applications including decentrally purchased SaaS.
- Centralize all SaaS Applications from disparate locations (spreadsheets) in a unified platform
- Discover all existing SaaS Applications across the organization and get full visibility
- Reveal/ identify accountability and ownership
- Get real-time visibility to optimize usage and ensure proper entitlements, eliminate waste and control SaaS spend
- Enable business unit leaders to make informed decisions on all SaaS Applications they are using and hold them accountable to justify the need for the Applications in their business unit
- Reduce the risk of unknown SaaS Applications being overlooked during an organization's regular compliance review
Key Feature | Function |
|---|---|
Automated discovery with integrations to key enterprise systems | Mapping of SaaS Applications landscape based on integrations with key enterprise systems. |
Monitoring and alerting | Detection of SaaS Applications purchased outside of official IT procurement channels. Automatic alerts via email and dashboard when non-compliant or risky SaaS Applications are detected. |
Spend analysis | SaaS spend break down and trend analysis by service or organizational unit. |
Role-based access control | Access permissions management based on the role of the user within an organization. |
All existing and new LeanIX Customers using the APM module - new LeanIX pricing - will get SaaS Discovery & Catalog functionality with no additional costs as part of their subscriptions.
Setting up SaaS Discovery in APM
Activation is available in a self-opt way in the "Optional Features & Early Access" entry in the Admin menu. This means that the administrator has to initiate the activation of the integration from the workspace itself without the intervention of a third party, such as the CSM or support.
- In the admin menu, go to the “Optional features and Early access” section. From the list, identify "SaaS Discovery / SaaS Management Platform", and click on activate.
- The process will guide you through the 3 following steps:
The signing of a contract amendment to allow data usage
Activation of necessary features - some of which are data model changes.
Creation of a new or linking an existing SMP workspace to your EAM workspace
Information
You can see the details on Data Usage here
- Once the integration is active, a new menu entry "SaaS Discovery" will be visible. It might be necessary to refresh the page to see the new entry in the menu. You can now continue there and make the decision to link or create new applications to SMP.
Features
SaaS Catalog
Within the platform capability “Reference catalogs”, LeanIX introduces a second capability for SaaS applications, which provides standard and up-to-date information to simplify EA.
The SaaS Catalog will be activated for all APM customers opting in for SaaS Discovery. The catalog can provide fields as follows:
- Name and description of the application
- (New) Product category
- (New) SSO Availability and available Providers
- (New) Hosting type and description
- Logo (visible in the Self-Service Portal)
- Direct relation with an ITC
- Indirect relation from the ITC to the Provider
Information
All fields with (New) will be provisioned and added to the data model on activation of the SaaS Catalog, provisioning cannot be undone, but fields and sections can be moved by admin.
The fields to be synchronized can be configured by the admin under the Reference Catalogs section, in order to automate the update of your SaaS Applications.
How to link applications to the SaaS catalog?
On the sidebar of an Application Fact Sheet, under the Reference Catalogs, you will see the "SaaS Catalog" link and you can click on it.
The link will bring you to a new window and this UI will open, and now you are ready to enter the name of the application you want to link in the search bar. A preview of all the available data is displayed, making data synchronization transparent.
New to-dos
The activation of SaaS discovery introduces 2 new to-do types
Type | Description | Use in SaaS Discovery |
|---|---|---|
Import | Creates a new Application FS in the workspace with its respective relations (ITC and Provider) and links it to both the SaaS Catalog, and the SaaS Discovery integration | New Applications |
Link | Links an existing Application FS (that is also linked to the SaaS Catalog) with its respective relations (ITC and Provider) to the SaaS Discovery integration | Matching Applications |
Setting up integrations in SMP
You can find the detail on how to set up an integration on the Integrations docs page.
Information
To search for all applications that have already been linked, use the filter “Catalog Status” in the inventory.
Managing SaaS applications with SaaS Discovery
Once activated, admins will see the “SaaS Discovery” entry in the admin menu. On this page, users can see a complete list of all discovered applications and decide if they want to link (Matching Applications tab) or create (New Applications tab) new applications in their workspace. A third tab serves as a decision log and displays all resolved applications.
Admins can decide to forward these Import and Link to-dos to other users in the workspace using the "Select assignees" button of the expanded to-do. Be aware of the authorisations given to the assignees, as they need to be able to create and update Fact Sheets when interacting with the Import and Link to-dos.
Match Applications
In Matching Applications, the Fact Sheet column shows the recommended Application found in the workspace. Created on is the date when the application was discovered and the decision column states if the admin decided to approve or reject the linking.
Every entry in the list can be expanded to review not only the description of the Application but also the dependencies that will be created/linked
Matching Applications also have the to-do item directly in the Fact Sheet, not only the admin can decide on the linking but also the Application owner.
Create new Applications from SaaS Discovery
In New Applications, the Fact Sheet column is always empty, as no matching Application has been found in the workspace. Created on is the date when the application was discovered and the decision column states if the admin decided to approve or reject the creation.
In addition to the Create feature, a Search feature is provided in case the admin knows an Application for the discovered one already exists in the workspace, but is still not linked to the catalog.
Review resolved Applications
Next to the Matching and New Applications tab the Resolved Applications tab shows you a list of all Import and Link to-do items that have been closed by rejecting or creating/linking the Application.
FAQ: Why I don't see any data in the SaaS Discovery section?
- You haven't set up the sources in SMP to discover applications. You can refer to Discovery Sources and Integrations for more detail information
- The integration runs every night, check up the sync log and filter by name SMPtoEAM to understand the current state and wait for the next run.
- You don't have any newly discovered applications
SaaS Discovery on applications in APM
Cost
In Application Fact Sheets a new section called "Saas Discovery" will be displayed. In this section, it is possible to see the data corresponding to the cost (last month and year-to-date spend) of the application, and the active users - which are directly synchronized with SMP.
To see more information in SMP, users can simply go to the resource tab and click on the link to go directly to the application.
SSO details
SaaS Discovery in combination with the SaaS Catalog also provides details on the SSO. This includes information on the current SSO integration status, like if the Application is integrated with SSO (SSO Status = SSO Implemented) and which “SSO Provider” it is integrated with or if SSO is not implemented (SSO not implemented). If SSO is not implemented, the Provider is left empty.
The SaaS Catalog adds information on which Application can potentially be integrated with SSO (SSO Availability) and lists the available SSO Providers.
Updated 9 days ago