Event banner
Event details
- Yoann_David_Mallet
Microsoft
Additional reference links: Announcement blogpost: https://aka.ms/S4AI/Blog Mechanics video https://aka.ms/getreadyforM365Copilot Data security and compliance for AI blogpost: https://aka.ms/PurviewAI/blog Generative AI apps discovery blogpost: https://aka.ms/DiscoverGAIAppsBlog Guidance to Securing AI Whitepaper: https://aka.ms/SecuringAIWhitepaper - Trevor_Rusher
Community Manager
Discover how Microsoft Copilot for secure can help security analysts and IT admins to rapidly process security signals and respond to potential threats at the speed and scale of AI with the Get started with Microsoft Copilot for Security Learning path! Delve into the intricate AI concepts that underlie the development of this cutting-edge security tool, and learn how to leverage them in your own work.
- What's up with the Početak thing?
- Yoann_David_Malletnot sure, can you specify what you are referring to?
The M365 admin center tab language is showing up in
SerbianCroatian. https://admin.microsoft.com/Adminportal/Home#/homepage = Početak.
- What are some good cloud app education resources for creating policies. We would like to warn on all generative AI services, except a couple pre-approved services.
assafyatzivHi Jarrod I think this link can be useful for this need: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#educate-users-when-accessing-risky-apps
- Trevor_Rusher
That concludes our presentation, thanks for joining us! We will continue to monitor and answer questions through Friday. Up next: Transform your defense: Microsoft Security Exposure Management.
- Where are the links that were suggested at the end of the presentation?
- Are we going to have Cloud Apps for Security Policy Template for Copilot as shown in demo?
- Yoann_David_MalletHi Mika, by template, do you mean the detection we are showing in the demo? Yes, it is built-in.
- assafyatzivIt's built in and triggers automatically in relevant cases, but like many new detections, and like XDR native detections, it doesn't have a user-facing configurable policy
- Can I use this to protect Bing.com (Web Chat / with internet grounded context)
- Wanted to understand ability to log prompts and responses to bing.com chat, in addition to group based block/allow
- Yoann_David_MalletYou can block or restrict access to bing.com. Can you share more on what you are trying to achieve?
- My understanding is that Microsoft defender for Cloud apps requires EMS E5 or M365 E5. What steps can I first take with Microsoft Cloud apps Discovery that is part of E3? and then scale to E5 ?
- Yoann_David_MalletThis is currently available iwth E3: https://learn.microsoft.com/en-us/defender-cloud-apps/editions-cloud-app-security-aad
- Is there a way to use MDCA to block BCC (consumer version of Bing Chat)? We would like to enforce use of BCE (Bing Chat Enterprise) in our environment, to ensure the use of commercial data protection.
- assafyatzivHi Mikhail, I believe that at the moment we don't differentiate between those directly, but it's something we do consider working on in the future. As a workaround for now, if you use Copilot for Microsoft 365 you can direct users to use it directly instead of Bing Chat
- Hi Assaf, from our understanding both URLs (bing.com/chat and copilot.microsoft.com) are pointing to the same backend and both expose BCC + BCE. We have had to use a DNS block (CNAMEing www.bing.com to nochat.bing.com) to block use of BCC and enforce BCE. We would welcome more elegant and supported solution (for example using MDCA).
- We have acceptable use policy not to use VPN when connecting to O365, Apple recently integrated the iCloud Private Relay into their platform. How would you use Cloud Apps for Security to implement this policy?
- Yoann_David_MalletThanks for your question. Can you please expend on what you are trying to achieve? Are you trying to prevent O365 from going through a VPN solution?
- Yes we don't want MItM Attacks from VPN providers and we had a conditional access policy to push sessions to MCAS and it would email the user the AUP violation. It stopped working about 6 months ago after a major change to MCAS.
