Microsoft Cloud App Security – Release 212 and 213

News Informatique

Microsoft Cloud App Security – Release 212 and 213

  • Impossible travel, activity from infrequent countries, activity from anonymous IP addresses, and activity from suspicious IP addresses alerts will not apply on failed logins.
    After a thorough security review, Microsoft decided to separate failed login handling from the alerts mentioned above. From now on, they’ll only be triggered by successful login cases and not by unsuccessful logins or attack attempts. Mass failed login alert will still be applied if there are anomalous high amount of failed login attempts on a user. For more information, see Behavioral analytics and anomaly detection.
  • New anomaly detection: Unusual ISP for an OAuth app
    Microsoft has extended their anomaly detections to include suspicious addition of privileged credentials to an OAuth app. The new detection is now available out-of-the-box and automatically enabled. The detection can indicate that an attacker has compromised the app and is using it for malicious activity. For more information, see Unusual ISP for an OAuth app.
  • New detection: Activity from password-spray associated IP addresses
    This detection compares IP addresses performing successful activities in your cloud applications to IP addresses identified by Microsoft’s threat intelligence sources as recently performing password spray attacks. It alerts about users that were victims of password spray campaigns and managed to access your cloud applications from those malicious IPs. This new alert will be generated by the existing Activity from suspicious IP addresses policy. For more information, see Activity from suspicious IP addresses.
  • Smartsheet and OneLogin API connectors are now in general availability
    Smartsheet and OneLogin API connectors are now in general availability. You can now connect Microsoft Cloud App Security to Smartsheet and to OneLogin to monitor and protect users and activities. For more information, see Connect Smartsheet and Connect OneLogin.
  • New Shadow IT integration with Open Systems
    Microsoft has added native integration with Open Systems providing you with Shadow IT visibility into app use and control over app access. For more information, see Integrate Cloud App Security with Open Systems.

No Comments

Add your comment