All,
I am trying to test blocking of unsanctioned cloud apps and I have created a group for testing since I do not want to enforce this for all users.
When I go to Settings>Cloud Apps>App tags I do not see the scoped profile tab at all so I can only select the test group to enforce the blocking of unsanctioned apps.
In this article you will see the option for scoped profile tab:
Govern discovered apps using Microsoft Defender for Endpoint - Microsoft Defender for Cloud Apps | M...
In the screenshot below is the option I do not see. I have checked my roles and I have global admin roles as well as other security roles for Defender portal.
I've also got this issue. According to the same article posted by Bosanac89: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#blocking-apps
Step 1 says:
1. In the Microsoft 365 Defender portal, select Settings. Then choose Cloud Apps. Then under Cloud discovery, select Apps tags and go to the Scoped profiles tab.
This tab does not exist:
We are fully licensed, Defender for Endpoint preview features are switched on, both prerequisites are met (from: https://learn.microsoft.com/en-us/defender-cloud-apps/mde-govern#how-to-enable-cloud-app-blocking-wi...), device groups created and active (for a long time before trying to implement a scoped profile). DfE is integrated with DfCA and vice versa.
This option simply does not exist where it is supposed to. Has it been disabled or moved? Is there another way to implement exclusions for app blocking via unsanctioned apps? (e.g. based on tags, users, groups, ip addresses, or devices?)
