Learn all about how to get started in Cloud Discovery from Microsoft Cloud App Security in this deep dive article by guest author and Microsoft partner, Sami Lamppu.

An Introduction to Cloud App Discovery in Microsoft Cloud App Security (MCAS)

Cloud Discovery, which is one of the Microsoft Cloud App Security (MCAS) features, helps organizations to identify applications and user activities, traffic volume, and typical usage hours for each cloud application. In a nutshell, it can help to detect "Shadow IT" applications and possible risky applications. This blog concentrates on the Microsoft Cloud App Security 'Cloud Discovery' feature and its integration with the Microsoft Defender for Endpoint (MDE) service. If you want to learn more about Microsoft Cloud App Security, I encourage you to start from here: Cloud App Security Overview document.

Cloud Discovery identifies cloud applications that the organization might not have visibility into, and provides risk assessments, ongoing analytics, and lifecycle management capabilities to control use. Cloud Discovery analyses the traffic logs and runs them against the cloud app catalog to provide information on the discovered applications and the users accessing them.

Picture and description from Cloud App Security playbook.

Options for Ingesting Data

Cloud Discovery analyzes traffic logs against Microsoft Cloud App Security's cloud app catalog of over 16,000 cloud apps. The apps are ranked and scored based on more than 80 risk factors to provide insights and visibility into applications used in the cloud, and the risk Shadow IT poses to the organization. At the time of writing the following options are available to ingest network traffic data to MCAS:

Snapshot reports

The snapshot reports provide ad-hoc visibility on traffic logs manually uploaded from firewalls and proxies.

The following options are available for the continuous reports:

- Microsoft Defender for Endpoint integration (MDE).
- Secure Web Gateway (SWG) - such as ZScaler, iboss, Corrata and Menlo Security integration

Based on my personal experience, the Microsoft Defender for Endpoint (MDE) has been the selected solution in most cases I have worked on. The main reason has been easy and smooth integration with the Microsoft Cloud App Security.

The Cloud Discovery API offers an option to automate traffic log upload and get automated Cloud Discovery report and risk assessment. You can also use the API to generate block scripts and streamline app controls directly to your network appliance.

Cloud App Security and Defender for Endpoint Integration - How It Works?

The following chapters concentrate on MCAS & MDE integration benefits. Cloud App Security uses the traffic information collected by Microsoft Defender for Endpoint (MDE) about the cloud apps and services being accessed from IT-managed Windows 10 machines. The policy examples are based on the traffic information collected by the MDE service.

The native integration enables you to run Cloud Discovery on any machine in the corporate network, using public Wi-Fi, while roaming, and over remote access. It also enables machine-based investigation. Traffic data is analyzed against the Cloud App Catalog to identify more than 16,000 cloud apps and to assess their risk score.