MDE integration with Defender for Cloud Apps

Silver Contributor

I just had a client ask me if MDE P1 would provide them the ability to block unsanctioned apps through the integration with Defender for Cloud App (MCAS), or does that functionality require MDE P2

1 Reply
I think that I have found my own answer. It looks like while MDE P1 provides Web Protection, it does not support custom Indicators of Concern (this requires P2) and since MDCA generates these to block web apps on the endpoint, then MDE P2 will be required. Can anyone confirm my understanding?