App Discovery

%3CLINGO-SUB%20id%3D%22lingo-sub-2466099%22%20slang%3D%22en-US%22%3EApp%20Discovery%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2466099%22%20slang%3D%22en-US%22%3E%3CP%3EIs%20there%20a%20way%20we%20can%20integrate%26nbsp%3BMimecast%20Web%20Security%2FDNS%20Based%20Web%20Filtering%20or%20Crowd%20Strike%20EDR%20with%20Microsoft%20Cloud%20App%20Security%20for%20discovering%20applications%20like%20we%20have%20the%20integration%20with%20Microsoft%20Defender%20and%20Firewall%20solutions.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELets%20say%20a%20user%20is%20connected%20to%20home%20network%20(without%20connecting%20VPN)%2C%20so%20how%20to%20discover%20the%20applications%20in%20this%20case%20if%20Microsoft%20Defender%20is%20not%20being%20used.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2466099%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Contributor

Is there a way we can integrate Mimecast Web Security/DNS Based Web Filtering or Crowd Strike EDR with Microsoft Cloud App Security for discovering applications like we have the integration with Microsoft Defender and Firewall solutions.

 

Lets say a user is connected to home network (without connecting VPN), so how to discover the applications in this case if Microsoft Defender is not being used.

1 Reply
Test it by seeing if you can create a snapshot discovery report.
https://docs.microsoft.com/en-us/defender-cloud-apps/create-snapshot-cloud-discovery-reports

If the source device logs have the required data to get into either an existing log format or a custom-created log parser without any processing errors, then you can also send those logs continuously to a log collector via syslog.
https://docs.microsoft.com/en-us/defender-cloud-apps/custom-log-parser

Finally, if all else fails you can use custom scripting/code get the data and upload it to the Cloud Discovery API.
https://docs.microsoft.com/en-us/defender-cloud-apps/api-discovery