SOLVED

Ninja Cat Giveaway: Episode 6 | SaaS security posture management (SSPM)

Microsoft

For this episode, your opportunity to win a plush ninja cat is the following -

Reply to this thread with: Share with us the most valuable piece of information you gained from David's demo on SSPM!

 

This offer is non-transferable and cannot be combined with any other offer. This offer ends on April 14th, 2023, or until supplies are exhausted and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. Any gift returned as non-deliverable will not be re-sent. Please allow 6-8 weeks for shipment of your gift. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. Offer void in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and where prohibited.

19 Replies
The most valuable piece of info from the SSPM session was that this feature is included with our E5 license. One question: how do the connectors to the SaaS platforms work? Is this some API call? Thanks, Greg
Thank you for the episode today!
I learned that SSPM is integrated with Microsoft Secure Score, our security team can identity misconfigurations and get a step-by-step remediation guide for a risky security configuration for the related SaaS apps.

@HeikeRitter 

 

Put the show in my :spiral_calendar: but link was not working. Where can i find the on demand show?

I love how SaaS Security Posture Management (SSPM) shows security recommendations for SaaS applications like Salesforce, DocuSign, and GitHub and it is free as well and nothing to configure if you already have the applications connected using an app connector. Can't be more easier than this..

Thank you Heike and David!
Thanks for the episode. I was using ossec host integrity servers to monitor the changes on system,file level with very short interval and I think SSPM has that capability to expand same workflow to Azure resources that we have.
best response confirmed by Ronen_Refaeli (Microsoft)
Solution

@HeikeRitter 

 

The most valuable piece of information gained from David's demo is that a majority of security failures in the cloud are human driven.  With SSPM I can now take best practices for apps, analyze how the app is configured / misconfigurations and provide security admin a better view.

@HeikeRitter I learned that SSPM is an extension of the Defender Cloud Apps product. That is a great value proposition for our CASB customers and another way to "do more with less."

@HeikeRitter  - The most valuable piece of information I gathered from this session is that how MCAS is continuously evolving towards an overall SaaS security solution and features like Secure score allow sharing of security posture improvement recommendations to the administrators of connected apps. Helps in speeding up remediation efforts. 

Lastly, kudos to Heike and team for making these short and very informative episodes, these help a lot in improving product understanding.

The most valuable piece of information that I gained was that SSPM utilizes both vendor best practices and public benchmarks (i.e. CIS) to identify misconfigurations or risk configurations and recommend the appropriate corrective action.
For me, the most valuable piece of information I gained from David's demo was getting to learn more about the Secure Score feature available in the Microsoft 365 Defender Portal. I find it amazing how this feature integrates best practices and security posture for different areas such as identity, data, service and apps. It's also a great metric for companies to know their current security posture and the recommended actions they can take to improve the security of their environment which have a direct impact on their Secure Score as well.
Thanks again for a wonderful run down,
I reckon the great value shows itself as efficiency in the overall security and protection. With the explosion of SaaS applications leveraging Microsoft Defender for Cloud Apps SSPM can simply speed up the process of detection and remediation by providing the right direction to the relevant team and obtain the results.
This well aligned with do more with less strategy!

Thanks, Saeed

@gschellenberg 

Hi!

 

Yes indeed the app connectors are api based. The same connectors used by Defender for Cloud Apps, for other features of the product are also leveraged here, which makes it seamless in terms of configuration. (On top of being available at no additional cost as you pointed out 🙂 ).

Thank you for this episode and this new feature in CASB
2 valuable informations for me :
It is included in the license you have already acquired.
If your application is connected to MCAS, so we have nothing more to do.

Nothing to pay and nothing to do --> really cool 😄

Excellent show session, I love the way to get visibility into the security posture of third party apps we have in our tenants, and the easy way to identify recommendations and actions to improve the security posture of third party apps and own apps, and the options to monitor Secure Score recommendations. Thanks Heike!
Hi Hervé, just one comment - SSPM is included in E5 license.
So, if someone has E5, SSPM will be automatically included.
Hi Heike and the Virtual Ninja Training crew! I was already well aware of the recommended best practices and benchmarks for Microsoft products, but hadn't stumbled upon the same applying for third party SaaS apps. Thanks to David, it seems like a very powerful tool to hunt down weak links in your SaaS posture!
The most valuable piece of information I gained from David's demo on SSPM was how large the current list of connectors is and how Microsoft is working to expand the list to allow SSPM to evaluate more third party cloud apps.
1 best response

Accepted Solutions
best response confirmed by Ronen_Refaeli (Microsoft)
Solution

@HeikeRitter 

 

The most valuable piece of information gained from David's demo is that a majority of security failures in the cloud are human driven.  With SSPM I can now take best practices for apps, analyze how the app is configured / misconfigurations and provide security admin a better view.

View solution in original post