Hi Jonathan! This event page will live on Tech Community under the same link in perpetuity, so feel free to bookmark it for reference!

Defender for Cloud Apps send cloud discovery data from Microsoft Defender for Endpoint to Microsoft Defender for Cloud Apps via Windows devices (Windows 10 and above). Note although we currently don't Discover MacOS traffic coming from Defender for Endpoint, we are able to block/warn on MacOS devices. We've heard a lot of feedback around the need for discovery on MacOS devices via Microsoft Defender for Endpoint. It is high on our list and and is something we are actively looking into. Stay tuned for updates on this! 

Hey Tanya, My recommendation is that you start with reviewing more about the product overview and top SaaS Security use cases: https://learn.microsoft.com/en-us/defender-cloud-apps/what-is-defender-for-cloud-apps & https://securityhub.transform.microsoft.com/download/8aced378-e9d5-4647-8968-034239b63688

Great question Tanya, it's always a challenge to know where and how to begin.

The app governance add on provides much more info beyond just delegated permissions. Our value aligns to three pillars:

• Deep visibility & insights into app configuration & high-risk behaviors. Such as priority account access, sensitivity label access, what permissions are in use/not, how much data is being accessed and tailored KQL queries, and more
• Policy-driven governance for Azure-connected apps to meet security & compliance mandates for data access. Such as generate an alert for overprivileged apps, or set up a custom policy to automatically shut down apps that have accessed sensitivity labeled data for a particular workload over a particular threshold data volume
• Comprehensive ML-based detection & remediation of unusual app activity. We offer in built detections based on previously seen attack patterns. You can see a list of our active detections here https://learn.microsoft.com/en-us/defender-cloud-apps/app-governance-anomaly-detection-alerts

Thanks Grant. It will be great to get more details about the entire need. We are prioritizing more capabilities to all the supported SaaS apps connectors. If there is a specific need, please share it with me directly. For cloud workloads like AWS we have different efforts that are covering them. The question from our side to you will be about the way you use them. Are you looking for a unified policy that will cover both SaaS apps and cloud workloads? Are you pointing only information protection policies or other policies too?

Great feedback, thank you, Simona! Defender for Cloud Apps has a rich catalog with many thousands of apps, and it is updated on an ongoing basis. Significant engineering efforts go into keeping the catalog up to date in terms of the apps that are covered and their risk scores. Are there specific apps that you feel are not up to date? We would love to hear more. There is also an in-product experience where you can request a score update. From discovered apps, click on “Request Score Update” in the top menu.

Hi Jonathan, thanks for so much for joining! Currently, Defender for Cloud Apps is not available as an add-on SKU for Microsoft Defender for Business (MDB) within M365 Business Premium or standalone. Happy to take this feedback to our MDB team, as its critical to have app protection for SMB.

Hi all, David Mallet, Customer Experience Product Manager on Defender for Cloud Apps. Always happy to assist!

Hi everyone, my name is Sharon Nakibly. I am part of the Microsoft Defender for Cloud Apps product team, responsible for SOC experiences & threat protection domains. Excited to be here.

Welcome, everyone. I am Leor Hurwitz, a product manager on the Defender for Cloud Apps team. Happy to help!

Thank you, excited to contribute and learn.