Dec 17 2019 05:49 AM
Hi,
I've reviewed the documentation @ https://docs.microsoft.com/en-us/cloud-app-security/governance-discovery in relation to blocking unsanctioned apps - specifically using MDATP on Win10 endpoints.
The documentation doesn't mention anything about governance when using MDATP - Is the functionality similar to the integration with Zscaler and iBoss, where once an app is tagged as unsanctioned it is blocked on the endpoint for all users?
Is there any way to provide greater granularity to the process - ie allow an app for some users and not for others or is it a binary choice for the entire organisation?
Thanks
Paul
Jan 26 2021 04:33 PM
@Cristian Calinescu You're right. Sorry, I can't find a solution. :'(
Jan 27 2021 01:54 AM
You can find the needed info here: https://docs.microsoft.com/en-us/cloud-app-security/mde-integration
Regarding the granular controls - this is not yet supported and is pending user granularity capabilities in MDE.
We will expose parity with MDE indicators in MCAS by allowing scoping blocks based of device groups.
Boris
Jan 27 2021 04:22 AM
@Boris_Kacevich - That's wonderful news. Looking forward to it. Many thanks.
Feb 22 2021 10:04 PM - edited Feb 22 2021 10:04 PM
Thanks, Boris. This is great news as spent most of the afternoon in vein trying to find any granular controls for unsanctioned apps. Do you know specifically when this will be arriving. Is there a preview we can signup for?
May 12 2021 12:38 AM
Feb 01 2022 09:28 AM
@Danny Kadyshevitch hi Danny, have there been any updates in regards to having this functionality in Microsoft Defender for Cloud Apps? Is it still planned or not a priority anymore? Has it already been out and I am unable to find it?