Home

Microsoft Cloud App Security

23 Conversations

Latest Activity

Custom List Message Item

Are you interested in getting an early look at the cloud-based version of Advanced Threat Analytics? At the Ignite conference, we announced Azure ATP, a cloud-based version of ATA. You can enjoy your own instance free of charge for 6 months by signing up

... Read More
27 Views
0 Reply

Can anyone point me to any specific features in Cloud App Security that interact with security features of Windows 10 (that are not in other versions of Windows)?

41 Views
1 Reply

 Hi Dean,

 

Though we are looking into integrations between Cloud App Security and Windows 10, we currently don't have any specific features I can point you to.

We do hav

... Read More
Best Response confirmed by Dean Gross (Trusted Contributor)

Hi All,

 

I am trying to fetch activities of last few days and I am using below command,

curl "http://mydomain.cloudsecurity.com/api/v1/activities/" -H 'Authorization: Token mytoken"
-d ' { "filters" : { "activity.actionType" : { "eq" : "someevent" }, "date"

... Read More
78 Views
4 Replies

Hi Sanket,

 

The activities API endpoint has a query limit of 100 records to prevent overloading the endpoint with any one request. If you want to retrieve more than 100

... Read More
Best Response confirmed by Sanket Yeram (New Contributor)

Hi

 

According to our cloud app security we have a number of apps graded 3- 4 level security level, so since i have no user info(as the logs come from a checkpoint firewall and are not that integrated) I deciided to look at the firewall.

Cannot identify the

... Read More
35 Views
1 Reply

Hi Steve,

 

Cloud App Security uses your traffic logs to dynamically discover and analyze the cloud apps that your organization is using. The discovery of apps in achieve

... Read More

At Microsoft Ignite 2017, we announced the upcoming public preview of the Microsoft Cloud App Security proxy. We are very excited that the time has arrived, and this feature is now in public preview!

 

In this blog, we’ll dive deeper into the functional i

... Read More
244 Views
0 Reply

Currently using CAS to scan SharePoint Online for any documents that contain sensitive data, and the product seems to do a fine job of detection.   But it seems to be lacking in tools or process for remediation.

 

Scenario: 

 

  • CAS detects document in specific
... Read More
55 Views
2 Replies

Hello Scott,

Thanks for your feedback.

 

All alerts are generated at the specific point of time where a policy match was detected and aren’t edited later (after a file wa

... Read More

I am trying to follow the steps in Version 1.10 of the Office 365 Cloud App Security - Use Case and Usage Guide and all of them are slightly wrong. It looks like the UI has changed but the instructions have not.  Can anyone provide any information about h

... Read More
76 Views
3 Replies

This is one of the issues with the constantly changing UI in Microsoft cloud admin portals. Even Microsoft's own documentation falls out of date, let alone third party bo

... Read More

Hi Dean,

Thank you for the feedback. We are working on updating the document now and planning to release a new version in the next couple weeks.

 

@Anthony Smith (A.J.)

 

... Read More

We’re pleased to announce a new way to give feedback on Microsoft Cloud App Security (CAS). Our User Voice site allows you to make suggestions, vote on other people’s suggestions, and stay up-to-date on product roadmaps. Check it out at https://microsoftsecurity.uservoice.com

... Read More
231 Views
0 Reply

We have cloud app security as part of our microsoft estate 

We also have checkpoint firewalls as our main firewall for our on site security

Unfortunatley according to the compatibility matrix for the two products this is one of the least compatible  match u

... Read More
109 Views
1 Reply

Hi Steve,

 

Cloud App Security's Shadow IT Discovery is based on inteligent analysis of traffic logs generated by the customer's Proxy/Firewall. Thefore, the granualrity

... Read More

I am pretty confused on the difference between these two products. I'm currently using Cloud App Security with a client ($5/usr) and I access the console from O365 > Admin Centers > Cloud App Security. In the new Azure portal though, there's an Azure AD C

... Read More
326 Views
3 Replies

Hi All

 

Nice to be here.

We would like to monitor out amazon s3 estate and since we have what is effectively a CASB in microsoft cloud app security the i was thinking of using the api to push logs from the amazon s3 to CAP.

Now at cloud sec last week had a c

... Read More
127 Views
4 Replies
Looking at the doc you gave me it looks like this is a json config to allow cloud trail so if i put cloudtrail into the CAS then there isnt a lot of point putting it into... Read More
Thanks Dima

Hello Steve,

In answering I'll assume that by CAP you mean Cloud App Security (CAS), which is the Microsoft CASB product.

CAS is not meant to act as a SIEM server and con

... Read More

I have an activity report currently setup for individuals within our company to notify when information is accessed outside defined regions. Is there any plans to allow for suppressing events with a start/stop time with logic?

122 Views
3 Replies
I think Thomas means: to suppress alerts that happen within a certain time span. Is that correct Thomas?

Hi @Thomas Bui, I would be happy to help, but I'm not sure I understand the ask. Can you please clarify the scenario and motivation you are asking about? Thank you.

Read More

Can we integrate with apps apart from the ones we can setup out of the box from CAS using an API? If so, where can I get the documentation or any tutorials?

97 Views
2 Replies

Hi Chandrika,

No.  Today CAS only supports the app connectors you see in the console.  more to come in future releases.

When I look at our Discovered apps page, I do not see any information for the Upload information. How is this calculated or identified? I do know we are sending data files to certain websites and we are also storing some documents to OneDrive. Would this

... Read More
108 Views
1 Reply

Discovered apps page is populated by analyzing logs from firewall/proxies against our cloud app catalog to identify apps and rate them based on compliance with various se

... Read More

Visibility is the first step to protection: if you cannot see it, you cannot prevent it. Cloud App Security Shadow IT discovery capabilities help you to gain deeper visibility into your cloud environment by discovering more than 15K cloud apps used by you

... Read More
75 Views
0 Reply

How to I identify the AD group that a user belongs to for reporting purposes from the Cloud App Security system?

 

173 Views
3 Replies

Hello Chandrika,

To identify the groups associated with a user account, navigate to investigate> accounts and search for the user in question and click on the user groups

... Read More

We’re excited to release the CAS playbook:

 

http://aka.ms/mcaspoc

 

It will guide you through the process of setting up CAS, both in a proof of concept environment, and in production. It will help you configure it throughout your deployment, using simple

... Read More
372 Views
1 Reply
That Nice playbook and useful

CAS has just added new filtering capabilities to the Discovery reports that allow you to dive deeper into the discovered apps. Check it out: https://docs.microsoft.com/en-us/cloud-app-security/discovered-apps.

Read More
263 Views
0 Reply

What is the relationship between CAS and O365 Advanced Security Management? If we add O365 to CAS, do we still use O365 ASM?

733 Views
2 Replies

ASM is a subset of CAS. Cloud app security provides you more broader control and visibility and ASM is only focused on one thing. Thanks.

Hi Dean,

ASM offers a subset of features of MCAS focusing in Office 365 related apps and activites. Attached slides highlight the differences between the two versions.

 

... Read More
Best Response confirmed by Daniel Martins (Community Manager)

When I go to cloudappsecurity.com and login, the O365 Advanced Security Management page of our test tenant opens instead of the CAS dashboard. What do I need to do to open the CAS dashboard?

 

Follow up - for anyone else faced with this same issue, I learne

... Read More
216 Views
1 Reply

Hi Dean,

As you stated, MCAS requires either EMS E5 or standalone license. Once the appropriate license is assigned to the user they may login to the portal from https://portal.cloudappsecurity.com

... Read More
Best Response confirmed by Dean Gross (Trusted Contributor)

I am interested in adding CAS to our demo tenant that we use in meetings with our clients. Does anyone have any suggestions about where I could obtain some sample network logs to import? My network admin does not want to let me use our companies logs for

... Read More
321 Views
2 Replies

Hi Dean,

You can obtain sample network logs in the CAS portal itself.

Whenever you need new updated Discovery logs, all you need to do is:

1.      Go to ‘Create new snaps

... Read More
Best Response confirmed by Dean Gross (Trusted Contributor)