When to use this rule
You want to be notified any time a net-new SaaS tool enters your environment
You want to ask users to justify why they're using a new tool before it becomes widespread
You want visibility into new apps for compliance or vendor management purposes
Key distinction: App rules are for brand new apps never seen before. Account rules are for new signups on apps already in your inventory. These are two separate rule types.
How to set it up
Go to Automations → Rules in the left nav
Click Create New Rule
Select the App tile
Click Add Condition and select App is new to organization
Add your actions:
Alert your team that a new app has been introduced
Action: Email alert (to you or a team member)
Click Add Action → Email
Enter recipient email addresses
Add multiple recipients by adding additional email actions
Action: Slack channel alert (follow the same instructions for Teams channel alerts)
Click Add Action → Slack Channel
Select the channel you want to send the alert to
Add multiple channels by adding additional Slack channel actions
Action: Slack user alert (follow the same instructions for Teams user alerts)
Click Add Action → Slack User
Select the user you want to send the alert to
Add multiple users by adding additional Slack user actions
Action: Webhook (use this to surface an alert of a new app to a SIEM tool or ticketing tool like Jira)
Click Add Action → Webhook
Paste in the webhook URL
Add multiple webhooks by adding additional webhook actions
Nudge the end user responsible for introducing the app to ask for clarification of use
Action: Nudge the end user
Click Add Action → Nudge
Select Request Clarification of Use
This sends the user a message asking them to explain the business purpose of the new app they've introduced
Once you're all set make sure to click the Save rule button.
For new app discovery, Request Clarification of Use is the recommended nudge type. Once the user responds, it gives you context before you decide whether to approve, investigate, or block the app.
What happens after the rule fires
When a new app is detected:
Your team gets an email/Slack/Teams alert
The user who introduced the app receives a nudge asking for their business justification
You can review the app in your inventory and decide:
Approve it (and optionally set a technical contact)
Mark it as Not Permitted and create an account rule to nudge users to delete any future accounts they create for this app
Send it through your procurement or vendor review process
Ignore it if it's low risk and you don't want it cluttering your inventory
Considerations
You may want to hold off on the nudge action early on while you're still getting familiar with what's in your environment. Start with email or Slack/Teams alerts only, then add the nudge once you're ready to engage users
This rule is especially valuable for compliance and vendor management — it gives you early notice of new tools before they spread, helping you meet vendor onboarding and due diligence obligations
Once a new app is discovered and given an approval status, it moves out of "new" status and won't trigger this rule again if another member of your workforce signs up for it
Tips
This is one of the first rules to set up - it gives you a real-time signal any time your SaaS footprint grows
Pair it with your Shadow Apps dashboard to prioritize review of apps that have OAuth access to sensitive data like files or email
Check the Recipes panel on the right side of the rule builder for a pre-built version of this rule