Configure GSA dashboard for generative AI app visibility
Implementation Effort: Low – Dashboard is available in the Microsoft Entra admin center once Global Secure Access is configured; requires reviewing widgets and applying the generative AI filter.
User Impact: Low – Admin-only monitoring activity; end users are not affected.
Overview
Routing agent and user traffic through Global Secure Access generates network telemetry, but that telemetry is only useful if the security team knows where to find it and how to filter it for AI-relevant activity. The Global Secure Access dashboard aggregates network traffic data into widgets — snapshot counts, top destinations, cross-tenant access, web category filtering, and cloud application status — but without applying the generative AI filter, AI app traffic is mixed into the general traffic view and hard to isolate. This makes it difficult to answer basic governance questions: which generative AI applications are being accessed, by how many users and devices, and whether any of that traffic is being blocked.
The dashboard's Top used cloud applications widget supports filtering specifically for generative AI applications, and the Cloud applications status widget breaks out the total number of generative AI apps and high-risk applications accessed. The Web category filtering widget shows which web content categories are being blocked or allowed, which is directly relevant for validating that AI app category filtering policies are working as intended. These views give the security team ongoing operational visibility into how the organization interacts with generative AI services across the network.
This supports Verify explicitly by providing the security team with real-time data to validate that generative AI traffic conforms to organizational access policies. It supports Assume breach by enabling detection of anomalous patterns — such as an unexpected spike in traffic to unsanctioned AI services or access from unusual tenants — that could indicate compromised credentials or unauthorized AI tool adoption. Without configuring this dashboard view, the organization collects generative AI network telemetry but cannot efficiently analyze it, and emerging risks in AI app usage go unnoticed.