In today's digital age, where Software as a Service (SaaS) has become ubiquitous, it is critical to have a line of sight into the SaaS applications being used in your organization. The challenge is managing the growing number of apps and knowing which apps may be misconfigured or unused. Such apps leave an open attack vector that adversaries can easily take advantage of. In our recent announcement, we shared that Microsoft Defender for Cloud Apps is shifting to a comprehensive SaaS Security solution and how critical it is to implement a holistic SaaS Security strategy. Strengthening app posture and maintaining app hygiene are two critical capabilities that can help drastically reduce your app attack surface.
We are excited to share that our expanded SaaS Security Posture Management (SSPM) capabilities in Defender for Cloud Apps are now in public preview. In this post, we will also offer a peek at the new App Hygiene features that will be rolling out in the coming weeks.
[Update as of 3/2] The App Hygiene features are now available in public preview!
Identify and remediate misconfigurations with SSPM
Visibility into apps enables security teams to gain an initial understanding of their SaaS app landscape and approve the ones intended for corporate use. A subset of these SaaS apps holds the most critical data in your organization. Understanding best practices and putting the emphasis on ensuring these apps are configured securely is critical to preventing attacks. With our SSPM capabilities, you get deeper visibility and automatically identify misconfigurations and gaps in each app.
Defender for Cloud Apps can help assess the security posture of your managed SaaS apps, such as and more. This experience is integrated into Microsoft 365 Defender, giving you a holistic view of security posture across the organization via Microsoft Secure Score.
Simply connect Defender for Cloud Apps to the SaaS app and you will automatically get out-of-the-box posture assessments.
Figure 1. Defender for Cloud Apps enables you to manage the security posture of apps such as Salesforce directly via Microsoft Secure Score.
For each security posture assessment, you can see its status and whether it is compliant. In addition, you can get a step-by-step guide that can be shared with the app admin. The app admin can follow this guide to remediate all non-compliant assessments. Each time an assessment becomes compliant in the app, the status in Microsoft Secure Score is updated automatically.
Figure 2. Get a step-by-step remediation guide for every security posture assessment, to be shared with the app admin.
App hygiene capabilities
App Governance allows you to sort and filter apps by last used date, credential unused since, and credential expiration date. You can export this custom list for easy reporting and triage across your organization.
Customize your policies
App Governance provides customizable policies and out-of-the-box policies that automatically alert you on apps that haven't been used for a certain number of days. For example, you could create a policy to automatically disable any app that hasn't been used in the past 90 days, has high-privilege permissions, and can access priority account information.
Figure 3. Configure your policy based on multiple conditions, such as unused app, highly privileged, and priority-account consent given.
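As an added example (not Microsoft's code and not App Governance's internal logic), the following Python evaluates the policy described above over a constructed app inventory: flag apps unused for 90 days that also hold high-privilege permissions and have priority-account consent, and tally unused or soon-expiring credentials as the sort-and-filter view would. The `HIGH_PRIVILEGE` classification, the field names, and all sample dates are assumptions made for this example.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

# Assumed classification of "high privilege" permissions. These are Microsoft Graph
# permission names, but which ones count as high privilege is this example's choice.
HIGH_PRIVILEGE = {"Directory.ReadWrite.All", "Mail.ReadWrite", "RoleManagement.ReadWrite.Directory"}

@dataclass
class Credential:
    last_used: Optional[date]   # None means the credential has never been used
    expires: date

@dataclass
class App:
    name: str
    last_used: Optional[date]   # None means the app has never been used
    permissions: set
    priority_account_consent: bool
    credentials: list = field(default_factory=list)

def is_unused(last_used, today, days):
    """Unused if never used, or not used within the last `days` days."""
    return last_used is None or (today - last_used).days > days

def stale_high_risk_apps(apps, today, unused_days=90):
    """The policy from the post: unused for N days AND high privilege AND priority-account consent."""
    return sorted(
        a.name for a in apps
        if is_unused(a.last_used, today, unused_days)
        and a.permissions & HIGH_PRIVILEGE
        and a.priority_account_consent
    )

def credential_hygiene(apps, today, unused_days=90, expiring_within=30):
    """Per-app credential triage: how many credentials are unused, how many expire soon."""
    report = {}
    for a in apps:
        unused = sum(is_unused(c.last_used, today, unused_days) for c in a.credentials)
        expiring = sum(0 <= (c.expires - today).days <= expiring_within for c in a.credentials)
        report[a.name] = {"unused_credentials": unused, "expiring_credentials": expiring}
    return report

TODAY = date(2023, 3, 2)  # constructed reference date for the evaluation

# Constructed sample inventory, not data from a real tenant.
SAMPLE_APPS = [
    App("payroll-sync", date(2022, 11, 1), {"Directory.ReadWrite.All"}, True,
        [Credential(date(2022, 10, 30), date(2023, 3, 15))]),
    App("hr-dashboard", date(2023, 2, 28), {"Mail.ReadWrite"}, True,
        [Credential(date(2023, 2, 28), date(2024, 1, 1))]),
    App("status-bot", None, {"User.Read"}, False,
        [Credential(None, date(2023, 6, 1))]),
]

if __name__ == "__main__":
    print(stale_high_risk_apps(SAMPLE_APPS, TODAY))   # only payroll-sync meets all three conditions
    print(credential_hygiene(SAMPLE_APPS, TODAY))
```

Only `payroll-sync` trips the combined policy; `status-bot` is unused but low privilege, and `hr-dashboard` is high privilege but active, which is why the three conditions are combined rather than alerting on any one of them.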
By strengthening your app posture and improving your app hygiene, you can drastically reduce your potential attack surface. Here are some ways to help you in your SaaS Security journey: