Recommendation: Create an OAuth app policy to notify you about new OAuth applications

%3CLINGO-SUB%20id%3D%22lingo-sub-2985406%22%20slang%3D%22en-US%22%3ERecommendation%3A%20Create%20an%20OAuth%20app%20policy%20to%20notify%20you%20about%20new%20OAuth%20applications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2985406%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3ESecure%20Score%20has%20some%20new%20recommendations%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3E%3CSPAN%3ECreate%20an%20OAuth%20app%20policy%20to%20notify%20you%20about%20new%20OAuth%20applications%3C%2FSPAN%3E%3CUL%3E%3CLI%3E%3CSPAN%3EOAuth%20app%20policies%20can%20help%20you%20manage%20app%20permission%20and%20notify%20you%20when%20a%20user%20or%20an%20admin%20consents%20to%20a%20new%20Open%20Authorization%20(OAuth)%20app.%20With%20this%20information%2C%20you%20can%20investigate%20which%20permissions%20each%20app%20requested%20and%20which%20users%20authorized%20them.%3C%2FSPAN%3E%3C%2FLI%3E%3C%2FUL%3E%3C%2FLI%3E%3CLI%3E%3CSPAN%3ECreate%20an%20app%20discovery%20policy%20to%20identify%20new%20and%20trending%20cloud%20apps%20in%20your%20org%3C%2FSPAN%3E%3CUL%3E%3CLI%3E%3CSPAN%3EApp%20discovery%20policies%20can%20notify%20you%20when%20new%20apps%20or%20abnormal%20usage%20is%20observed%20within%20your%20organization%2C%20based%20on%20traffic%20logs%20data.%3C%2FSPAN%3E%3C%2FLI%3E%3C%2FUL%3E%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSPAN%3EI%20have%20created%20two%20polices%20meant%20to%20answer%20these%20recommendation.%20I%20think%20the%20instructions%20are%20a%20bit%20unclear%20and%20the%20secure%20score%20is%20not%20giving%20me%20any%20points%20on%20the%20recommendations.%20I%20have%20attached%20a%20screenshot%20of%20the%20settings%20for%20the%20new%20and%20trending%20policy.%20Does%20anyone%20have%20these%20polices%20correctly%20set%20up%20so%20they%20are%20scored%20by%20the%20secure%20score%20feature%3F%20Thanks%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3030041%22%20slang%3D%22en-US%22%3ERe%3A%20Recommendation%3A%20Create%20an%20OAuth%20app%20policy%20to%20notify%20you%20about%20new%20OAuth%20applications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3030041%22%20slang%3D%22en-US%22%3EUnfortunately%2C%20I%20don't%20think%20Secure%20Score%20falls%20under%20Defender%20for%20Cloud%20Apps.%20Sorry.%3CBR%20%2F%3E%3CBR%20%2F%3EPerhaps%2C%20try%20the%20SC%26amp%3BI%20group.%20It%20looks%20like%20Secure%20Score%20questions%20are%20getting%20answered%20there.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fsecurity-compliance-and-identity%2Fbd-p%2FSecurityandCompliance%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fsecurity-compliance-and-identity%2Fbd-p%2FSecurityandCompliance%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fsecurity-compliance-and-identity%2Fbd-p%2FSecurityandCompliance%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fsecurity-compliance-and-identity%2Fbd-p%2FSecurityandCompliance%3C%2FA%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi,

Secure Score has some new recommendations:

 

  • Create an OAuth app policy to notify you about new OAuth applications
    • OAuth app policies can help you manage app permission and notify you when a user or an admin consents to a new Open Authorization (OAuth) app. With this information, you can investigate which permissions each app requested and which users authorized them.
  • Create an app discovery policy to identify new and trending cloud apps in your org
    • App discovery policies can notify you when new apps or abnormal usage is observed within your organization, based on traffic logs data.

I have created two polices meant to answer these recommendation. I think the instructions are a bit unclear and the secure score is not giving me any points on the recommendations. I have attached a screenshot of the settings for the new and trending policy. Does anyone have these polices correctly set up so they are scored by the secure score feature? Thanks 

1 Reply
Unfortunately, I don't think Secure Score falls under Defender for Cloud Apps. Sorry.

Perhaps, try the SC&I group. It looks like Secure Score questions are getting answered there.

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bd-p/SecurityandCompliance

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/bd-p/SecurityandCompliance