Forum Discussion
Ninja Cat Giveaway: Episode 6 | SaaS security posture management (SSPM)
For this episode, your opportunity to win a plush ninja cat is the following -
Reply to this thread with: Share with us the most valuable piece of information you gained from David's demo on SSPM!
This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.
The most valuable piece of information gained from David's demo is that a majority of security failures in the cloud are human driven. With SSPM I can now take best practices for apps, analyze how the app is configured / misconfigurations and provide security admin a better view.
- gschellenbergCopper ContributorThe most valuable piece of info from the SSPM session was that this feature is included with our E5 license. One question: how do the connectors to the SaaS platforms work? Is this some API call? Thanks, Greg
- Yoann_David_MalletMicrosoft
Hi!
Yes indeed the app connectors are api based. The same connectors used by Defender for Cloud Apps, for other features of the product are also leveraged here, which makes it seamless in terms of configuration. (On top of being available at no additional cost as you pointed out 🙂 ).
- JamieLiu5005Brass ContributorThank you for the episode today!
I learned that SSPM is integrated with Microsoft Secure Score, our security team can identity misconfigurations and get a step-by-step remediation guide for a risky security configuration for the related SaaS apps. - thalpiusBrass ContributorI love how SaaS Security Posture Management (SSPM) shows security recommendations for SaaS applications like Salesforce, DocuSign, and GitHub and it is free as well and nothing to configure if you already have the applications connected using an app connector. Can't be more easier than this..
Thank you Heike and David! - JasonCardenasCopper ContributorThe most valuable piece of information that I gained was that SSPM utilizes both vendor best practices and public benchmarks (i.e. CIS) to identify misconfigurations or risk configurations and recommend the appropriate corrective action.
- Lucas_PessoaMicrosoftFor me, the most valuable piece of information I gained from David's demo was getting to learn more about the Secure Score feature available in the Microsoft 365 Defender Portal. I find it amazing how this feature integrates best practices and security posture for different areas such as identity, data, service and apps. It's also a great metric for companies to know their current security posture and the recommended actions they can take to improve the security of their environment which have a direct impact on their Secure Score as well.
- SaeedNouri2021Brass ContributorThanks again for a wonderful run down,
I reckon the great value shows itself as efficiency in the overall security and protection. With the explosion of SaaS applications leveraging Microsoft Defender for Cloud Apps SSPM can simply speed up the process of detection and remediation by providing the right direction to the relevant team and obtain the results.
This well aligned with do more with less strategy!
Thanks, Saeed - _Herve_Microsoft
Thank you for this episode and this new feature in CASB
2 valuable informations for me :
It is included in the license you have already acquired.
If your application is connected to MCAS, so we have nothing more to do.
Nothing to pay and nothing to do --> really cool 😄- Ronen_RefaeliMicrosoftHi Hervé, just one comment - SSPM is included in E5 license.
So, if someone has E5, SSPM will be automatically included.
- JeffersonCastiblancoCopper ContributorExcellent show session, I love the way to get visibility into the security posture of third party apps we have in our tenants, and the easy way to identify recommendations and actions to improve the security posture of third party apps and own apps, and the options to monitor Secure Score recommendations. Thanks Heike!
Put the show in my :spiral_calendar: but link was not working. Where can i find the on demand show?
- HeikeRitterMicrosoftSorry this happened! Recording is here: https://www.youtube.com/watch?v=SAwUJrSN-JA
- MT1821Copper ContributorThanks for the episode. I was using ossec host integrity servers to monitor the changes on system,file level with very short interval and I think SSPM has that capability to expand same workflow to Azure resources that we have.