Category: MCAS

News Informatique

AAD Security Reader Role in Microsoft Defender for Cloud Apps – Alignment with Microsoft 365 Defender

Currently the AAD “Security Reader” role can manage Microsoft Defender for Cloud Apps alerts, however, it can only view alerts from all other security workloads. The AAD “Security Reader” role update will now be aligned with AAD role definition to provide clarity and prevent confusion of the same role use. When this will happen: As …

Microsoft Defender for Cloud Apps – Release 227, 228, 229, 230 & 231

Malware hashes available for SharePoint and OneDrive (Preview)In addition to file hashes available for malware detected in non-Microsoft storage apps, now new malware detection alerts will provide hashes for malware detected in SharePoint and OneDrive. For more information, see Malware detection. SaaS Security Posture Management capabilities for Salesforce and ServiceNowSecurity posture assessments are available for Salesforce …

Microsoft Defender for Cloud Apps – Release 226

Improvements in malware detection for non-Microsoft storage appsDefender for Cloud Apps has introduced major improvements in the non-Microsoft storage apps detection mechanism. This will reduce the number of false positive alerts.

Microsoft Defender for Cloud Apps – Release 225

Support for Rome and San Diego ServiceNow versionsThe Defender for Cloud Apps connector for ServiceNow now supports Rome and San Diego versions of ServiceNow. With this update, you can protect the latest versions of ServiceNow using Defender for Cloud Apps. For more information, see Connect ServiceNow to Microsoft Defender for Cloud Apps.

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 222, 223 and 224

Updated severity levels for Defender for Cloud Apps anomaly detectionsThe severity levels for Defender for Cloud Apps built-in anomaly detection alerts are being changed to better reflect the risk level in the event of true positive alerts. The new severity levels can be seen in the policies page: https://portal.cloudappsecurity.com/#/policy

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 221

Egnyte app connector available in public previewA new app connector for Egnyte is available in public preview. You can now connect Microsoft Defender for Cloud Apps to Atlassian to monitor and protect users and activities. For more information, see Connect Egnyte to Microsoft Defender for Cloud Apps (Preview).

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 220

New Cloud discovery log collectorThe Cloud Discovery log collector has been updated to Ubuntu 20.04. To install it, see Configure automatic log upload for continuous reports.

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 218 and 219

Atlassian app connector available in public previewA new app connector for Atlassian is available in public preview. You can now connect Microsoft Defender for Cloud Apps to Atlassian to monitor and protect users and activities. For more information, see Connect Atlassian to Microsoft Defender for Cloud Apps (Preview).

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 216 and 217

Non-Microsoft activities in advanced huntingNon-Microsoft apps activities are now included the CloudAppEvent table in Microsoft 365 Defender advanced hunting. For more information, see the Microsoft 365 Defender Tech Community blog post. NetDocuments API connector is now in general availabilityThe NetDocuments API connector is in general availability, giving you more visibility into, and control over, how your NetDocument app is …

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 214 and 215

NetDocuments app connector available in public previewA new app connector for NetDocuments is available in public preview. You can now connect Microsoft Defender for Cloud Apps to NetDocuments to monitor and protect users and activities. For more information, see Connect NetDocuments to Microsoft Defender for Cloud Apps. Reset user investigation priority scoreThe user investigation priority score …

Microsoft Cloud App Security – Release 212 and 213

Impossible travel, activity from infrequent countries, activity from anonymous IP addresses, and activity from suspicious IP addresses alerts will not apply on failed logins.After a thorough security review, Microsoft decided to separate failed login handling from the alerts mentioned above. From now on, they’ll only be triggered by successful login cases and not by unsuccessful …

Microsoft Cloud App Security – Release 209, 210 and 211

Slack API connector is now in general availabilitySlack API connector is in general availability, giving you more visibility in to, and control over, how your app is used in your organization. For more information, see How Cloud App Security helps protect your Slack Enterprise. New warn experience for monitored apps with Microsoft Defender for Endpoint is …

Microsoft Cloud App Security – Release 206, 207 and 208

New Cloud Discovery Open Systems log parserCloud App Security’s Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Now Cloud Discovery includes a built-in log parser to support the Open Systems format. For a list of supported log parsers, see Supported firewalls and proxies. New warn experience for monitored apps with …

Microsoft Cloud App Security – Release 205

Zendesk app connector available in public previewA new app connector for Zendesk is available in public preview. You can now connect Microsoft Cloud App Security to Zendesk to monitor and protect users and activities. For more information, see Connect Zendesk. New Cloud Discovery parser for WanderaCloud Discovery in Cloud App Security analyzes a wide range of …

Microsoft Cloud App Security – Release 204

New log collector versionUpgraded Log collector for Shadow IT discovery is now available. It includes the following updates: Microsoft has upgraded our Pure-FTPd version to the latest version: 1.0.49. TLS < 1.2 is now disabled by default. Microsoft has disabled the “octet-counted” framing feature in RSyslog to prevent failed processing.For more information, see Configure automatic log …

Microsoft Cloud App Security – Release 203

Expose verified publisher indicating in O365 OAuth appsCloud App Security now surfaces whether a publisher of an Office 365 OAuth app has been verified by Microsoft to enable higher app trust. This feature is in a gradual rollout. For more information, see Working with the OAuth app page. Azure Active Directory Cloud App Security adminA Cloud …

Microsoft Cloud App Security – Release 200, 201, and 202

Authentication Context (Step-Up Authentication) in public previewMicrosoft has added the ability to protect users working with proprietary and privileged assets by requiring Azure AD Conditional Access policies to be reassessed in the session. For example, if a change in IP address is detected because an employee in a highly sensitive session has moved from the …

Microsoft Cloud App Security – Release 199

Service Health Dashboard availabilityThe enhanced Cloud App Security Service Health Dashboard is now available within the Microsoft 365 Admin portal for users with Monitor service health permissions. Learn more about Microsoft 365 Admin roles. In the dashboard, you can configure notifications, allowing relevant users to stay updated with the current Cloud App Security status. To learn how to configure email …

Microsoft Cloud App Security – Release 198

Exclusion of Azure Active Directory groups entities from discoveryMicrosoft has added the ability to exclude discovered entities based on imported Azure Active Directory groups. Excluding AAD groups will hide all discovery-related data for any users in these groups. For more information, see Exclude entities. API connector support for ServiceNow Orlando and Paris versionsMicrosoft has added support …