Event banner
Secure AI applications using Microsoft Defender for Cloud Apps
Event Ended
Wednesday, Apr 03, 2024, 08:00 AM PDTEvent details
Learn how to discover, manage, and monitor the usage of Generative AI applications in your environment using Microsoft Defender for Cloud Apps.
This session is part of the Microsoft Secure Tech Accelerator. Add it to your calendar, RSVP for event reminders, and post your questions and comments below! This session will also be recorded and available on demand shortly after conclusion of the live event. |
Heather_Poulsen
Updated Dec 27, 2024
- Yoann_David_Mallet
Microsoft
Additional reference links: Announcement blogpost: https://aka.ms/S4AI/Blog Mechanics video https://aka.ms/getreadyforM365Copilot Data security and compliance for AI blogpost: https://aka.ms/PurviewAI/blog Generative AI apps discovery blogpost: https://aka.ms/DiscoverGAIAppsBlog Guidance to Securing AI Whitepaper: https://aka.ms/SecuringAIWhitepaper - Trevor_Rusher
Community Manager
Discover how Microsoft Copilot for secure can help security analysts and IT admins to rapidly process security signals and respond to potential threats at the speed and scale of AI with the Get started with Microsoft Copilot for Security Learning path! Delve into the intricate AI concepts that underlie the development of this cutting-edge security tool, and learn how to leverage them in your own work.
- mhatchCopper ContributorWhat's up with the Početak thing?
- Yoann_David_Mallet
Microsoft
not sure, can you specify what you are referring to?- mhatchCopper Contributor
The M365 admin center tab language is showing up in
SerbianCroatian. https://admin.microsoft.com/Adminportal/Home#/homepage = Početak.
- JarrodPichaCopper ContributorWhat are some good cloud app education resources for creating policies. We would like to warn on all generative AI services, except a couple pre-approved services.
- assafyatziv
Microsoft
Hi Jarrod I think this link can be useful for this need: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#educate-users-when-accessing-risky-apps
- Trevor_Rusher
Community Manager
That concludes our presentation, thanks for joining us! We will continue to monitor and answer questions through Friday. Up next: Transform your defense: Microsoft Security Exposure Management.
- Jeffrey KarlanOccasional ReaderWhere are the links that were suggested at the end of the presentation?
- Mika_SeitsonenBrass ContributorAre we going to have Cloud Apps for Security Policy Template for Copilot as shown in demo?
- Yoann_David_Mallet
Microsoft
Hi Mika, by template, do you mean the detection we are showing in the demo? Yes, it is built-in.- assafyatziv
Microsoft
It's built in and triggers automatically in relevant cases, but like many new detections, and like XDR native detections, it doesn't have a user-facing configurable policy
- Alexander_RauCopper ContributorCan I use this to protect Bing.com (Web Chat / with internet grounded context)
- Alexander_RauCopper ContributorWanted to understand ability to log prompts and responses to bing.com chat, in addition to group based block/allow
- Yoann_David_Mallet
Microsoft
You can block or restrict access to bing.com. Can you share more on what you are trying to achieve?
- Christian ZenzanoBrass ContributorMy understanding is that Microsoft defender for Cloud apps requires EMS E5 or M365 E5. What steps can I first take with Microsoft Cloud apps Discovery that is part of E3? and then scale to E5 ?
- Yoann_David_Mallet
Microsoft
This is currently available iwth E3: https://learn.microsoft.com/en-us/defender-cloud-apps/editions-cloud-app-security-aad
- Mikhail SedenkovCopper ContributorIs there a way to use MDCA to block BCC (consumer version of Bing Chat)? We would like to enforce use of BCE (Bing Chat Enterprise) in our environment, to ensure the use of commercial data protection.
- assafyatziv
Microsoft
Hi Mikhail, I believe that at the moment we don't differentiate between those directly, but it's something we do consider working on in the future. As a workaround for now, if you use Copilot for Microsoft 365 you can direct users to use it directly instead of Bing Chat- Mikhail SedenkovCopper ContributorHi Assaf, from our understanding both URLs (bing.com/chat and copilot.microsoft.com) are pointing to the same backend and both expose BCC + BCE. We have had to use a DNS block (CNAMEing www.bing.com to nochat.bing.com) to block use of BCC and enforce BCE. We would welcome more elegant and supported solution (for example using MDCA).
- Fish_TacosBrass ContributorWe have acceptable use policy not to use VPN when connecting to O365, Apple recently integrated the iCloud Private Relay into their platform. How would you use Cloud Apps for Security to implement this policy?
- Yoann_David_Mallet
Microsoft
Thanks for your question. Can you please expend on what you are trying to achieve? Are you trying to prevent O365 from going through a VPN solution?- Fish_TacosBrass ContributorYes we don't want MItM Attacks from VPN providers and we had a conditional access policy to push sessions to MCAS and it would email the user the AUP violation. It stopped working about 6 months ago after a major change to MCAS.