Data security analytics

The Data security analytics dashboard reports security issues and sensitive data found within your SaaS applications, cloud environments, and HTTP traffic. It visualizes security findings and sensitive data detections collected from your Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) policies. If neither DLP nor CASB is configured in your account, the dashboard appears empty.

To view the Data security analytics dashboard:

1. In the Cloudflare dashboard ↗, go to Zero Trust > Insights.
2. Go to Dashboards.
3. Select Data security analytics.

Refer to Insights overview to learn how to use Analytics dashboards together with Analytics Overview and Digital Experience Monitoring (DEX) for complete visibility and troubleshooting.

Prerequisites

To populate this dashboard with partial data, you need at least one of the following:

• At least one HTTP policy that references a DLP profile.
• At least one SaaS integration enrolled in CASB.
• At least one Cloud integration enrolled in CASB.
• At least one SaaS or Cloud integration enrolled in CASB and a DLP profile applied to it.

Available insights

The dashboard includes the following panels and metrics:

• SaaS and Cloud findings by count
• Posture findings by Severity
• DLP matches in HTTP requests over time
• Top integrations by posture findings
• Top integrations by content findings
• Top cloud resources by findings
• Top users by DLP policies triggered

SaaS and Cloud findings by count

The SaaS and Cloud findings by count chart shows a time series view of Posture and Content findings. Posture findings are configuration and access issues detected by CASB, such as misconfigurations, unauthorized user activity, and other data security issues. Content findings are instances of potential data exposure as identified by DLP.

Each bar represents the total number of findings detected within a given time interval. You can use this view to observe patterns or spikes in findings over time. Hover over any bar to view the exact count of Posture and Content findings for that period.

To review findings in detail, log in to the Cloudflare dashboard ↗ and go to Zero Trust > Cloud & SaaS findings > Posture Findings or Content Findings.

Posture findings by Severity

The Posture findings by severity chart displays the distribution of CASB findings based on their severity levels. Each segment of the circle represents the number of posture issues classified as Critical, High, Medium, or Low.

To review findings in detail, log in to the Cloudflare dashboard ↗ and go to Zero Trust > Cloud & SaaS findings > Posture Findings.

DLP matches in HTTP requests over time

The DLP matches in HTTP requests over time chart displays when DLP policies were triggered by users over a specified period of time.

Unlike the SaaS and Cloud findings by count chart, which shows CASB findings from data at rest (files already stored in your connected SaaS applications), the DLP matches in HTTP requests over time chart shows DLP detections in HTTP traffic — data actively moving through your network.

To review DLP detections in detail, log in to the Cloudflare dashboard ↗ and go to Zero Trust > Insights > Logs > HTTP request logs. Use the DLP profiles or DLP match data filters to view HTTP requests that triggered a DLP policy.