Analyzes proxy, DNS query, and netflow logs using Python pandas to detect Shadow IT: unauthorized SaaS/cloud services. Aggregates traffic by domain, classifies SaaS categories, scores risks, generates JSON reports.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
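Shadow IT refers to unauthorized SaaS applications and cloud services that employees use without approval from the IT department. This skill analyzes proxy logs, DNS query logs, and firewall/netflow data to identify unauthorized cloud service usage, classifies the discovered domains into known SaaS categories, measures data transfer volumes, and flags high-risk services based on security posture and compliance requirements.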
Detects shadow IT by analyzing proxy logs, DNS queries, and netflow data with Python pandas; classifies SaaS domains, flags unauthorized services, scores risks, generates reports. For SOC threat hunting and compliance audits.
Detects shadow IT cloud usage by analyzing proxy, DNS query, and netflow logs with Python pandas for domain classification, traffic volumes, and risk scoring.
Audits shadow IT and SaaS usage via Zscaler Z-Insights: discovers unsanctioned apps, assesses risk scores, monitors CASB usage, tracks data transfers, inventories IoT devices. For security team shadow IT queries.
pandas, tldextract