Skip to content

[CF1 Ref Architecture] Update Secure access to SaaS applications#28639

Open
caley-b wants to merge 1 commit intoproductionfrom
ref-arch-review-sase-saas-apps
Open

[CF1 Ref Architecture] Update Secure access to SaaS applications#28639
caley-b wants to merge 1 commit intoproductionfrom
ref-arch-review-sase-saas-apps

Conversation

@caley-b
Copy link
Contributor

@caley-b caley-b commented Feb 26, 2026

Summary

Testing new skill for reviewing and updating the ref arch diagrams. It addresses 18 gaps identified since last review (2024-12-17). Key changes:

  • Add CASB, Shadow IT discovery, tenant control, and AI prompt protection
  • Expand Browser Isolation with data protection controls and logging
  • Detail DLP capabilities, Application Granular Controls, and Body Phase selector
  • Add egress policy enhancements (hostname/domain filtering)
  • Add reusable policies, user risk scoring, and forensic copy to Logpush
  • Fix ZNTA typo to ZTNA
  • Add related resources links (Zero Trust for SaaS design guide, CrowdStrike/SentinelOne ref archs, GenAI blog)
  • Update products frontmatter to include casb and dlp
  • Update reviewed date to 2026-02-26

Screenshots (optional)

Documentation checklist

  • Is there a changelog entry (guidelines)? If you don't add one for something awesome and new (however small) — how will our customers find out? Changelogs are automatically posted to RSS feeds, the Discord, and X.
  • The change adheres to the documentation style guide.
  • If a larger change - such as adding a new page- an issue has been opened in relation to any incorrect or out of date information that this PR fixes.
  • Files which have changed name or location have been allocated redirects.

@caley-b
[Reference Architecture] Update secure access to SaaS applications wi…
1273132 
…th SASE

Review and update the ref arch diagram to address 18 gaps identified since
last review (2024-12-17). Key changes:

- Add CASB, Shadow IT discovery, tenant control, and AI prompt protection
- Expand Browser Isolation with data protection controls and logging
- Detail DLP capabilities, Application Granular Controls, and Body Phase selector
- Add egress policy enhancements (hostname/domain filtering)
- Add reusable policies, user risk scoring, and forensic copy to Logpush
- Fix ZNTA typo to ZTNA
- Add related resources links (Zero Trust for SaaS design guide, CrowdStrike/SentinelOne ref archs, GenAI blog)
- Update products frontmatter to include casb and dlp
- Update reviewed date to 2026-02-26
@caley-b caley-b requested review from a team and securitypedant as code owners February 26, 2026 23:29
@github-actions
Copy link
Contributor

github-actions bot commented Feb 26, 2026

This pull request requires reviews from CODEOWNERS as it changes files that match the following patterns:

Pattern Owners
/src/content/docs/reference-architecture/ @securitypedant, @cloudflare/pcx-technical-writing

@github-actions
Copy link
Contributor

github-actions bot commented Feb 26, 2026

Preview URL: https://12731323.preview.developers.cloudflare.com
Preview Branch URL: https://ref-arch-review-sase-saas-apps.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/reference-architecture/diagrams/sase/secure-access-to-saas-applications-with-sase/ https://ref-arch-review-sase-saas-apps.preview.developers.cloudflare.com/reference-architecture/diagrams/sase/secure-access-to-saas-applications-with-sase/

@github-actions
Copy link
Contributor

github-actions bot commented Feb 26, 2026

CI run failed: build logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@securitypedant securitypedant Awaiting requested review from securitypedant securitypedant is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@securitypedant securitypedant

Labels

product:reference-architecture size/s

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@caley-b @securitypedant