Protect a specific user group only

I know it sounds odd why you should do the below, but this is all related to understanding the behaviour of setting up MCAS/MDCA.

If I want to protect a SaaS app and configure the API (or set up a CAAC policy), could I limit the protection to a specific user group only and leave other users (who may also use the app) out of scope? Or, when I enable the API/CAAC policy, are all users that use the application impacted?

1 Reply

Hi @RVC,

By default, when you connect app connectors, this will light up threat protection alerts for everyone. Some of these policies can be scoped, but not all are possible. If you wanted to limit activity ingestion to a specific group, you could utilize a scoped deployment.

Scope your Microsoft Defender for Cloud Apps deployment | Microsoft Learn

For an inline CaaC policy you can specify this with a group in the CA policy or within the session / access policy itself in Defender for Cloud Apps.
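
The group-scoped Conditional Access policy described in the reply above, as an added example that is not part of the original thread: it uses the Microsoft Graph PowerShell SDK to create a policy that sends only one group's sessions for one app through Conditional Access App Control. The group ID, application ID and display name are placeholders assumed for illustration.

```powershell
# Added example: Conditional Access policy that routes only one group's sessions
# for one app through Defender for Cloud Apps (Conditional Access App Control).
# The two IDs below are placeholders; replace them with values from your tenant.
$GroupId = '<pilot-group-object-id>'     # placeholder: Entra ID group to protect
$AppId   = '<saas-app-application-id>'   # placeholder: application ID of the SaaS app

# Requires the Microsoft.Graph.Identity.SignIns module
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

$policy = @{
    displayName = 'CAAC - pilot group only (example)'
    # Report-only first, so the scoping can be checked in the sign-in logs
    # before the policy is enforced.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        clientAppTypes = @('all')
        users          = @{
            # Only members of this group match the policy; everyone else
            # signs in to the app without the session control.
            includeGroups = @($GroupId)
        }
        applications   = @{
            includeApplications = @($AppId)
        }
    }
    sessionControls = @{
        cloudAppSecurity = @{
            isEnabled            = $true
            # 'mcasConfigured' defers to the session/access policies
            # defined in Defender for Cloud Apps.
            cloudAppSecurityType = 'mcasConfigured'
        }
    }
}

New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
```

This scopes only the inline (session/access) control. Activity ingestion through an app connector is governed separately, by the scoped deployment the reply refers to.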