Blocking Unsanctioned apps

Brass Contributor

Hi everyone,

 

I am using Microsoft Defender for Endpoint, and now that it has incorporated Microsoft Defender for Cloud Apps, I am exploring how I can block access to unsanctioned apps.

 

I created a device group and a scoped profile for a test Allow group (Group A) and I am able to block access to a specific, unsanctioned app, which I'll call App A, for everyone else (Group B). I created the device group by tagging the relevant devices in the device inventory, and then used tags as the device group attribute. 

 

However, is it possible to get more granular control to create or use multiple groups for multiple apps, like you can do in Active Directory?

 

Ultimately, I want to be able to block unsanctioned apps for everyone, but then create exceptions for App A for Group A, App B for Group C etc., so that it isn't simply a Block OR Allow situation?

 

1 Reply

@GI472 Check out the following link

 

Scoped deployment - Microsoft Defender for Cloud Apps | Microsoft Learn

 

This will give you the ability to filter based on user group assigned to what apps and you can go as granular as you like. Check it out and let me know if you have any issues