Mar 06 2023 05:13 PM
Hi everyone,
I am using Microsoft Defender for Endpoint, and now that it has incorporated Microsoft Defender for Cloud Apps, I am exploring how I can block access to unsanctioned apps.
I created a device group and a scoped profile for a test Allow group (Group A) and I am able to block access to a specific, unsanctioned app, which I'll call App A, for everyone else (Group B). I created the device group by tagging the relevant devices in the device inventory, and then used tags as the device group attribute.
However, is it possible to get more granular control to create or use multiple groups for multiple apps, like you can do in Active Directory?
Ultimately, I want to be able to block unsanctioned apps for everyone, but then create exceptions for App A for Group A, App B for Group C etc., so that it isn't simply a Block OR Allow situation?
Sep 15 2023 01:31 AM
@GI472 Check out the following link
Scoped deployment - Microsoft Defender for Cloud Apps | Microsoft Learn
This will give you the ability to filter based on user group assigned to what apps and you can go as granular as you like. Check it out and let me know if you have any issues