Sep 26 2023 12:07 PM
All,
I am trying to test blocking of unsanctioned cloud apps and I have created a group for testing since I do not want to enforce this for all users.
When I go to Settings>Cloud Apps>App tags I do not see the scoped profile tab at all so I can only select the test group to enforce the blocking of unsanctioned apps.
In this article you will see the option for scoped profile tab:
Govern discovered apps using Microsoft Defender for Endpoint - Microsoft Defender for Cloud Apps | M...
In the screenshot below is the option I do not see. I have checked my roles and I have global admin roles as well as other security roles for Defender portal.
Oct 02 2023 02:11 PM
Oct 12 2023 06:17 AM
I've also got this issue. According to the same article posted by Bosanac89: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#blocking-apps
Step 1 says:
1. In the Microsoft 365 Defender portal, select Settings. Then choose Cloud Apps. Then under Cloud discovery, select Apps tags and go to the Scoped profiles tab.
This tab does not exist:
We are fully licensed, Defender for Endpoint preview features are switched on, both prerequisites are met (from: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#how-to-enable-cloud-app-blocking-wi...), device groups created and active (for a long time before trying to implement a scoped profile). DfE is integrated with DfCA and vice versa.
This option simply does not exist where it is supposed to. Has it been disabled or moved? Is there another way to implement exclusions for app blocking via unsanctioned apps? (e.g. based on tags, users, groups, ip addresses, or devices?)
Oct 12 2023 06:23 AM
Oct 24 2023 12:31 PM
Feb 14 2024 11:48 AM
@Bosanac89 Since you've already verified having the appropriate admin roles and licenses enabled, my suspicion is there may be some prerequisite not yet met for that scoped profile tab to appear. I know you enabled the Defender for Endpoint preview features already, but there could be an additional configuration step needed to activate that capability.
Rather than repeating suggestions you've already tried from other community members, I would recommend opening a support case directly with Microsoft if you haven't already. Explain precisely what steps you've taken and what options you expect to see but don't. The engineers and product team there would have the best insight on whether a bug, missing prerequisite, or something else is preventing that scoped profile tab from showing up.
Feb 15 2024 06:51 AM