Bring Azure AD Identity Protection risk events to CAS

%3CLINGO-SUB%20id%3D%22lingo-sub-143685%22%20slang%3D%22en-US%22%3EBring%20Azure%20AD%20Identity%20Protection%20risk%20events%20to%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-143685%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EI%20would%20like%20to%20see%20improvement%20on%20the%20AzureAD%20data%20going%20to%20Cloud%20App%20Security.%20One%20example%20is%20the%20need%20to%20include%20risky%20sign%20in%20event%20information%20in%20Cloud%20App%20Security.%20For%20example%2C%20%22users%20with%20leaked%20credentials%22%20or%20%22Sign-ins%20from%20infected%20devices%22%20We%20can%20get%20this%20info%20from%20the%20Azure%20AD%20Identity%20Protection%20interface%2C%20but%20security%20ops%20is%20already%20using%20Cloud%20App%20Security%20...%20so%20we%20want%20those%20alerts%20in%20Cloud%20App%20Security.%3C%2FSPAN%3E%3CBR%20%2F%3E%20%3CBR%20%2F%3E%3CSPAN%3E%20It%20seems%20like%20this%20should%20be%20an%20easy%20feature%20that%20adds%20signifciant%20value.%20%3C%2FSPAN%3E%3CSPAN%3EHere's%20a%20link%20to%20the%20uservoice%20item%20that's%20similar%2C%20please%20add%20your%20vote.%3C%2FSPAN%3E%3CBR%20%2F%3E%20%3CBR%20%2F%3E%20%3CA%20title%3D%22https%3A%2F%2Fmicrosoftsecurity.uservoice.com%2Fforums%2F905161-cloud-app-security%2Fsuggestions%2F31649398-consolidate-cas-dashboard-with-other-microsoft-sec%22%20class%3D%22linkified%22%20href%3D%22https%3A%2F%2Fmicrosoftsecurity.uservoice.com%2Fforums%2F905161-cloud-app-security%2Fsuggestions%2F31649398-consolidate-cas-dashboard-with-other-microsoft-sec%22%20target%3D%22_blank%22%20rel%3D%22noreferrer%20noopener%22%3Ehttps%3A%2F%2Fmicrosoftsecurity.uservoice.com%2Fforums%2F905161-cloud-app-security%2Fsuggestions%2F31649398-consolidate-cas-dashboard-with-other-microsoft-sec%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-143685%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-548228%22%20slang%3D%22en-US%22%3ERe%3A%20Bring%20Azure%20AD%20Identity%20Protection%20risk%20events%20to%20CAS%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-548228%22%20slang%3D%22en-US%22%3E%3CP%3Eagreed%20we%20need%20this%20if%20microsoft%20is%20listening.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

I would like to see improvement on the AzureAD data going to Cloud App Security. One example is the need to include risky sign in event information in Cloud App Security. For example, "users with leaked credentials" or "Sign-ins from infected devices" We can get this info from the Azure AD Identity Protection interface, but security ops is already using Cloud App Security ... so we want those alerts in Cloud App Security.

It seems like this should be an easy feature that adds signifciant value. Here's a link to the uservoice item that's similar, please add your vote.

https://microsoftsecurity.uservoice.com/forums/905161-cloud-app-security/suggestions/31649398-consol...

1 Reply

agreed we need this if microsoft is listening.