Service Health Dashboard availability: The enhanced Cloud App Security Service Health Dashboard is now available within the Microsoft 365 Admin portal for users with Monitor service health permissions. Learn more about Microsoft 365 Admin roles. In the dashboard, you can configure notifications, allowing relevant users to stay updated with the current Cloud App Security status. To learn how to configure email …
Exclusion of Azure Active Directory groups entities from discovery: Microsoft has added the ability to exclude discovered entities based on imported Azure Active Directory groups. Excluding AAD groups will hide all discovery-related data for any users in these groups. For more information, see Exclude entities.
API connector support for ServiceNow Orlando and Paris versions: Microsoft has added support …
Status page deprecation notice: On April 29, Cloud App Security will deprecate the service health status page, replacing it with the Service Health Dashboard within the Microsoft 365 Admin portal. The change aligns Cloud App Security with other Microsoft services and provides an enhanced service overview. Only users with Monitor service health permissions can access the dashboard. For more information, …
Enhanced Shadow IT discovery with Microsoft Defender for Endpoint: Microsoft has further improved the Defender for Endpoint integration by leveraging enhanced signals for the Defender agent, providing more accurate app discovery and organizational user context. To benefit from the latest enhancements, make sure your organizational endpoints are updated with the latest Windows 10 updates: KB4601383: Windows …
Updates to Policies page: Microsoft has updated the Policies page, adding a tab for every policy category. Microsoft also added an All policies tab to give you a complete list of all your policies. For more information about the policy categorization, see Policy types.
Enhanced Office 365 OAuth apps export: Microsoft has enhanced the Office 365 OAuth …
New anomaly detection: Suspicious addition of credentials to an OAuth app. Microsoft has extended their anomaly detections to include suspicious addition of privileged credentials to an OAuth app. The new detection is now available out-of-the-box and automatically enabled. The detection can indicate that an attacker has compromised the app and is using it for malicious activity. …
New Shadow IT integration with Menlo Security: Microsoft has added native integration with Menlo Security, providing you with Shadow IT visibility into app use and control over app access.
New Cloud Discovery WatchGuard log parser: Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Now Cloud Discovery includes a …
New enhanced alert monitoring and management experience: As part of Microsoft’s ongoing improvements to monitoring and managing alerts, the Cloud App Security Alerts page has been improved based on customer feedback. In the enhanced experience, the Resolved and Dismissed statuses are replaced by the Closed status with a resolution type.
New global severity setting for …
Access and session controls for Azure portal GA: Conditional Access App Control for the Azure portal is now generally available. For information about configuring these controls, see the Deployment guide.
New Cloud Discovery Menlo Security log parser: Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Now Cloud Discovery includes a built-in log parser to support the Menlo Security CEF format. For a list of supported log parsers, see Supported firewalls and proxies.
Azure Active Directory (AD) Cloud …
New anomaly detection: Suspicious OAuth app file download activities. Microsoft has extended their anomaly detections to include suspicious download activities by an OAuth app. The new detection is now available out-of-the-box and automatically enabled to alert you when an OAuth app downloads multiple files from Microsoft SharePoint or Microsoft OneDrive in a manner that is unusual …
Two new identity security posture assessments now available for Azure ATP customers:
Riskiest lateral movement paths:
Unsecure account attributes: specific attributes that cause unwanted security risk for your accounts.
Lateral movement paths remediation: Remove the entity from the group as specified in the recommendation. Remove the local administrator permissions for the entity from the device …
New capability of Azure ATP integrated with Microsoft Cloud App Security to detect devices not protected by Local Administrator Password Solution (LAPS). LAPS is a great tool against cyber-attacks: it helps you automatically change the local administrator password on domain-joined machines and saves the password to the Active Directory computer account. It will generate a report …
New security configurations for Google Cloud Platform (gradual rollout): Microsoft has expanded its multi-cloud security configurations to provide security recommendations for Google Cloud Platform, based on the GCP CIS benchmark. With this new capability, Cloud App Security provides organizations with a single view for monitoring the compliance status across all cloud platforms, including Azure subscriptions, AWS …
The purpose of this cheat sheet is to cover commonly used threat hunting queries that can be used with Microsoft Threat Protection. Microsoft Threat Protection has a threat hunting capability called Advanced Hunting (AH). AH is based on Azure Kusto Query Language (KQL). The cheat sheet consists of some of the most frequently …
What’s new in MCAS? New real-time malware detection (Preview, gradual rollout): Microsoft has expanded their session controls to detect potential malware using Microsoft Threat Intelligence upon file uploads or downloads. The new detection is now available out-of-the-box and can be configured to automatically block files identified as potential malware. For more information, see Block malware …
Effective June 1, 2020, as soon as you have one of the Microsoft security products (Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security or Azure ATP), you will be able to access the new unified console, Microsoft Threat Protection, with cross-workload correlation, advanced hunting and automatic healing. https://azure.microsoft.com/en-us/updates/mtp-auto-enabled/
This new feature leverages Microsoft Defender ATP network protection in block mode, ensuring the protections are in place regardless of the device’s location. Prerequisites: Microsoft Cloud App Security license; Microsoft Defender ATP license; Windows 10 version 1709 (OS Build 16299.1085 with KB4493441), Windows 10 version 1803 (OS Build 17134.704 with KB4493464), Windows 10 version 1809 (OS …