App Governance - Office 365 Applications (Exchange Online, Sharepoint)


Hey Team, 


Hoping you can clear a question up for me. I am working with App Governance, I have it licensed (Defender P2 + Add On). I have it working and its currently displaying 16 apps in my tenant.


However i wanted to create some policies say for SharePoint online, but when i go to App Governance, and create a new policy I don't see the option to select "SharePoint" or "Exchange" to apply the policy to?


Shouldn't I be able to Select Exchange Online or SharePoint (other workloads as well) when creating a new policy? 





3 Replies
best response confirmed by Robert Bollinger (Contributor)
Depends on what you mean. Generally speaking, App governance mostly covers Azure AD integrated apps that leverage the Graph API. While it does cover existing apps that leverage other APIs, it's not easy to target newly added ones. See if you can leverage the "Services accessed" condition.

OK I will try that. I was under the impression that I could use app governance, to "monitor behavior" of say EXO (when its being accessed by a user).

Am I wrong in that assumption? If so, how would I "monitor" behavior of say EXO (or SharePoint) ? using app governance. 

To monitor stuff, use the Unified audit log (or export to Sentinel/splunk/whatever).