Microsoft Defender for Cloud Apps | Microsoft Community Hub

Connect with experts and redefine what’s possible at work – join us at the Microsoft 365 Community Conference May 6-8. Learn more >

Forum Widgets

Latest Discussions

Conditional access policy not recognised
Hello everyone, We're evaulating Cloud Apps session/conditional access/session policies but have hit a weird snag. We have created a conditional access policy in EntraID with session control of Use Conditional Access App Control. This was initially set to Monitor Only (Preview) I then signed in with the test user and logged into the various 365 services, and confirmed these apps were onboarded into the Conditional Access App Control apps page. So far so good. However when I've attempted to create either a Access or Session Policy in the Cloud Apps Policy Management section, there is an error saying that there are no conditional access policies set up. I changed the conditional access policies in Entra ID to "Custom Policy" and waited a few hours, but still getting the error. I have created additional conditional access policies in EntraID from scratch and waited over night, but it still seems that EntraID and the Cloud Apps parts aren't talking with each other. When I create a policy, I get a warning that there isn't a corresponding CA policy. The Access/Session policy is reated, but has [Entra ID Policy Missing] in the title. I'm not sure where I'm going wrong with this. I've followed various guides and checked various forums but aside from the obvious I'm at a loss. Has anyone else come up against this before, or should I raise a ticket with MS to look at the back end? Thanks in advance, Mark
HidMov
Steel Contributor
Mar 26, 2025
1.1KViews
0likes
5Comments
MCAS Log collector supported for Ubuntu 22.04 LTS and Ubuntu 24.04 LTS
Hi all, is collector supported for these 2 versions? In official documentation does not appear. Thank you!
benjamino-21
Copper Contributor
Mar 06, 2025
59Views
0likes
1Comment
Unsanctioned to all, exclude to some
Dear reader, I have configured the asset rules en device tagging. I need to deploy certain apps as unsanctioned to all W11 devices and exclude the same apps to certain devices who have a device tag I configured for exclusion. The problem i am having is that the devices that need to be excluded, with the device tag "Exclude" Are also part of the device tag "W11" I could exclude them from the W11 device tagging but that would mean they would be excluded from all other policies that are targeted to the W11 tag. Which is not desirable. I was hoping for a solution as how you would deploy in Intune, with includes and exludes groups, but it doenst look like the defender platform supports this. I have been testing with exclude entities but this does not give the result i am looking for. Can someone help me? Maybe you had the same issue and found something smart way around this? 🙂 Thank you in advance!
AWulle
Copper Contributor
Feb 21, 2025
813Views
0likes
5Comments
How to differentiate SaaS applications vs regular web URLs in MDCA.
In MDCA, under cloud discovery what I see is a combination of regular SaaS apps and web URLs. Is there a way to differentiate these two in cloud discovery? Or a way to differentiate them with filters? Reason I'm asking is I just want to focus on SaaS applications under cloud discovery and/or cloud catalog. Thank you, TR
RavTin
Copper Contributor
Feb 07, 2025
2.1KViews
0likes
10Comments
Using Microsoft Defender for Cloud Apps to block apps on managed devices.
Greetings, I have been tasked to work with Microsoft Defender for cloud apps and to block the usage of the Firefox browser on all endpoints within my estate apart from a few users who require it. I have tried to unsanctioned app feature. This only displays a warning prompt but users can still proceed with using and interacting with the application. We have already configured web content filtering and works fine. I already looked up other articles relating to downloading a block script but that applies to other security appliances such as firewalls which we don't want to get into. Is there a convenient way to block certain apps usage by solely using Microsoft Defender for Cloud Apps or is this platform only used for monitoring purposes and cannot really block the app by unsanctioning it?
CrestonV
Copper Contributor
Jan 22, 2025
Defender for Cloud Apps
microsoft defender for cloud
580Views
1like
4Comments
MCAS API Connector - Connect GCP - Error: Failed to create sink via Stackdriver Logging API
Hi Everyone, I follow the Microsoft official procedure (Link: https://docs.microsoft.com/en-us/cloud-app-security/connect-google-gcp-to-microsoft-cloud-app-security) to connect GCP to MCAS through API Connector. Unfortunately when I'm going to connect GCP the MCAS report the following error: Error: Failed to create sink via Stackdriver Logging API. Any suggestion? Is there a way to solve this issue? Thanks in advance. Regards, Vittorio (Security Team Lead)
VittorioAddeoSec
Copper Contributor
Jan 21, 2025
App Connectors
Cloud App Security
2.2KViews
3likes
3Comments
Cloud Discovery policy - Governance action - Scoped profile missing
Hi everyone, I wanted to create a Cloud Discovery policy that automatically tags as unsanctioned some applications but only for a scoped profiles. When tagging cloud applications manually, it's possible to scope it to a profile: However, this option doesn't exist in the governance actions section: Are there any other way to create policies that can tag but only for a device group/scoped profile? Cheers,
MatheoBt
Copper Contributor
Dec 11, 2024
37Views
0likes
0Comments
Cloud Discovery Dashboard not updating
We successfully integrated the MDCA with Zscaler on 10th Sep 10 AM. From that Time until 11th Sep 9:08 PM, data was getting updated in the console but after that it is showing Updated on Sep 11, 2024, 9:08 PM. Under Governance log - last parse Cloud discovery log shows success at 11/9/2024, 21:07:51. There is nothing in pending or failed state. Automatic log upload (under settings) shows 362 uploaded logs, last data received 11 Sep 2024, Modified date 13 Sep 2024. Please suggest why Dashboard is not updating.
Solved
Sochito
Brass Contributor
Nov 24, 2024
Cloud Discovery
MDCA
Zscaler
382Views
0likes
2Comments
Block Sensitive Data Upload to External SharePoint Online Tenants
We need to block the ability of Users, who are serving the notice period, to upload any Confidential labelled documents to external SharePoint Online Tenants. What is the best way to do this please?
Sochito
Brass Contributor
Nov 08, 2024
block
MDCA
purview
134Views
0likes
8Comments
Teams cloud app policy template not showing
Below should be available since last year, but i dont see them in my list. Access level change (Teams): Alerts when a team's access level is changed from private to public. External user added (Teams): Alerts when an external user is added to a team. Mass deletion (Teams): Alerts when a user deletes a large number of teams We have the Microsoft 365 E5-security license. Do we need another license for that ?
Solved
MichelA__
Copper Contributor
Nov 07, 2024
155Views
0likes
5Comments

Resources

Tags

Cloud App Security524 Topics
Cloud Discovery107 Topics
Data Protection66 Topics
App Connectors55 Topics
threat protection53 Topics
microsoft defender for cloud apps12 Topics
azure active directory12 Topics
cloud security10 Topics
mcas9 Topics
azure8 Topics