Stop Cloud & Hybrid Apps from being Cyber Attack Entry Points

Published Nov 01 2021 01:19 PM 2,951 Views
Contributor

Screen Shot 2021-11-01 at 4.00.51 PM.png

 

Prevent your cloud and hybrid apps from becoming entry points to cyber attacks and exploits with Microsoft app governance, now generally available. Jeremy Chapman, Director of Microsoft 365, walks through a cloud app-based attack and shows how app governance helps you get visibility into the compliance posture of all your connected cloud apps, identify anomalous behaviors and risk, and take action to respond to threats.

 

 

 

QUICK LINKS:

 

Link References:

 

Unfamiliar with Microsoft Mechanics?

 

Keep getting this insider knowledge, join us on social:


Video Transcript:

%3CLINGO-SUB%20id%3D%22lingo-sub-2910513%22%20slang%3D%22en-US%22%3EStop%20Cloud%20%26amp%3B%20Hybrid%20Apps%20from%20being%20Cyber%20Attack%20Entry%20Points%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2910513%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Screen%20Shot%202021-11-01%20at%204.00.51%20PM.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F322485i6CF446725EE336D5%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Screen%20Shot%202021-11-01%20at%204.00.51%20PM.png%22%20alt%3D%22Screen%20Shot%202021-11-01%20at%204.00.51%20PM.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EPrevent%20your%20cloud%20and%20hybrid%20apps%20from%20becoming%20entry%20points%20to%20cyber%20attacks%20and%20exploits%20with%20Microsoft%20app%20governance%2C%20now%20generally%20available.%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22ea%20jj%22%20href%3D%22https%3A%2F%2Ftwitter.com%2Fdeployjeremy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3EJeremy%20Chapman%3C%2FA%3E%3CSPAN%3E%2C%20Director%20of%20Microsoft%20365%2C%20walks%20through%20a%20cloud%20app-based%20attack%20and%20shows%20how%20app%20governance%20helps%20you%20get%20visibility%20into%20the%20compliance%20posture%20of%20all%20your%20connected%20cloud%20apps%2C%20identify%20anomalous%20behaviors%20and%20risk%2C%20and%20take%20action%20to%20respond%20to%20threats.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3CDIV%20class%3D%22video-embed-center%20video-embed%22%3E%3CIFRAME%20class%3D%22embedly-embed%22%20src%3D%22https%3A%2F%2Fcdn.embedly.com%2Fwidgets%2Fmedia.html%3Fsrc%3Dhttps%253A%252F%252Fwww.youtube.com%252Fembed%252FKmE8LW_tJ1M%253Ffeature%253Doembed%26amp%3Bdisplay_name%3DYouTube%26amp%3Burl%3Dhttps%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DKmE8LW_tJ1M%26amp%3Bimage%3Dhttps%253A%252F%252Fi.ytimg.com%252Fvi%252FKmE8LW_tJ1M%252Fhqdefault.jpg%26amp%3Bkey%3Db0d40caa4f094c68be7c29880b16f56e%26amp%3Btype%3Dtext%252Fhtml%26amp%3Bschema%3Dyoutube%22%20width%3D%22600%22%20height%3D%22337%22%20scrolling%3D%22no%22%20title%3D%22YouTube%20embed%22%20frameborder%3D%220%22%20allow%3D%22autoplay%3B%20fullscreen%22%20allowfullscreen%3D%22true%22%3E%3C%2FIFRAME%3E%3C%2FDIV%3E%3CP%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CSECTION%20class%3D%22dp%20hr%20hs%20dk%20ht%22%3E%0A%3CDIV%20class%3D%22n%20p%22%3E%0A%3CDIV%20class%3D%22ap%20aq%20ar%20as%20at%20gj%20av%20v%22%3E%0A%3CH2%20id%3D%22a93a%22%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId--299001135%22%20id%3D%22toc-hId--299001133%22%3EQUICK%20LINKS%3A%3C%2FH2%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D28s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E00%3A28%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%E2%80%94%20Cross%20app%20integrations%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D133s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E02%3A13%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%E2%80%94%20Attack%20demo%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D229s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E03%3A49%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FA%3E%E2%80%94%20How%20app%20governance%20detects%20and%20mitigates%20risks%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D337s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E05%3A37%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%E2%80%94%20Behind%20the%20policy%20and%20how%20to%20block%20apps%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D403s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E06%3A43%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%E2%80%94%20Templates%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DKmE8LW_tJ1M%26amp%3Bt%3D456s%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3E07%3A3%3CSPAN%3E6%3C%2FSPAN%3E%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%E2%80%94%20Wrap%20up%3C%2FP%3E%0A%3CH2%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId--2106455598%22%20id%3D%22toc-hId--2106455596%22%3E%26nbsp%3B%3C%2FH2%3E%0A%3CH2%20id%3D%220e6e%22%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId-381057235%22%20id%3D%22toc-hId-381057237%22%3ELink%20References%3A%3C%2FH2%3E%0A%3CUL%20class%3D%22%22%3E%0A%3CLI%20id%3D%22e76e%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3EEnable%20a%20trial%20by%20going%20to%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Faka.ms%2Fappgovernance%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2Fappgovernance%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20id%3D%22ee81%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20su%20hz%20jf%20jg%20sv%20id%20ji%20jj%20vk%20jl%20jm%20jn%20vl%20jp%20jq%20jr%20vm%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3ETo%20learn%20more%2C%20check%20out%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Faka.ms%2Fappgovernancedocs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20noreferrer%22%3Ehttps%3A%2F%2Faka.ms%2Fappgovernancedocs%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CH2%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId--1426397228%22%20id%3D%22toc-hId--1426397226%22%3E%26nbsp%3B%3C%2FH2%3E%0A%3CH2%20id%3D%22fd26%22%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId-1061115605%22%20id%3D%22toc-hId-1061115607%22%3EUnfamiliar%20with%20Microsoft%20Mechanics%3F%3C%2FH2%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3EWe%20are%20Microsoft%E2%80%99s%20official%20video%20series%20for%20IT.%20You%20can%20watch%20and%20share%20valuable%20content%20and%20demos%20of%20current%20and%20upcoming%20tech%20from%20the%20people%20who%20build%20it%20at%20Microsoft.%3C%2FP%3E%0A%3CUL%20class%3D%22%22%3E%0A%3CLI%20id%3D%22e0c9%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3ESubscribe%20to%20our%20YouTube%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.youtube.com%2Fc%2FMicrosoftMechanicsSeries%3Fsub_confirmation%3D1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fwww.youtube.com%2Fc%2FMicrosoftMechanicsSeries%3Fsub_confirmation%3D1%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20id%3D%229ede%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20su%20hz%20jf%20jg%20sv%20id%20ji%20jj%20vk%20jl%20jm%20jn%20vl%20jp%20jq%20jr%20vm%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3EJoin%20us%20on%20the%20Microsoft%20Tech%20Community%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-mechanics-blog%2Fbg-p%2FMicrosoftMechanicsBlog%22%20target%3D%22_blank%22%20rel%3D%22ugc%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-mechanics-blog%2Fbg-p%2FMicrosoftMechanicsBlog%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20id%3D%22d801%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20su%20hz%20jf%20jg%20sv%20id%20ji%20jj%20vk%20jl%20jm%20jn%20vl%20jp%20jq%20jr%20vm%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3EWatch%20or%20listen%20via%20podcast%20here%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fmicrosoftmechanics.libsyn.com%2Fwebsite%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftmechanics.libsyn.com%2Fwebsite%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CH2%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId--746338858%22%20id%3D%22toc-hId--746338856%22%3E%26nbsp%3B%3C%2FH2%3E%0A%3CH2%20id%3D%22722b%22%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId-1741173975%22%20id%3D%22toc-hId-1741173977%22%3EKeep%20getting%20this%20insider%20knowledge%2C%20join%20us%20on%20social%3A%3C%2FH2%3E%0A%3CUL%20class%3D%22%22%3E%0A%3CLI%20id%3D%229a65%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3EFollow%20us%20on%20Twitter%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Ftwitter.com%2FMSFTMechanics%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Ftwitter.com%2FMSFTMechanics%3C%2FA%3E%3C%2FLI%3E%0A%3CLI%20id%3D%224b86%22%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20su%20hz%20jf%20jg%20sv%20id%20ji%20jj%20vk%20jl%20jm%20jn%20vl%20jp%20jq%20jr%20vm%20jt%20ju%20jv%20sq%20sr%20ss%20is%22%20data-selectable-paragraph%3D%22%22%3EFollow%20us%20on%20LinkedIn%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20class%3D%22bv%20jw%22%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fmicrosoft-mechanics%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20ugc%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fmicrosoft-mechanics%2F%3C%2FA%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CHR%20%2F%3E%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3C%2FSECTION%3E%0A%3CSECTION%20class%3D%22dp%20hr%20hs%20dk%20ht%22%3E%0A%3CDIV%20class%3D%22n%20p%22%3E%0A%3CDIV%20class%3D%22ap%20aq%20ar%20as%20at%20gj%20av%20v%22%3E%0A%3CH2%20id%3D%224856%22%20class%3D%22rr%20lp%20hv%20ba%20dc%20lr%20vf%20lt%20ia%20lu%20vg%20lw%20ie%20lx%20vh%20lz%20ma%20mb%20vi%20md%20me%20mf%20vj%20mh%20mi%20sh%20is%22%20data-selectable-paragraph%3D%22%22%20id%3D%22toc-hId--66280488%22%20id%3D%22toc-hId--66280486%22%3EVideo%20Transcript%3A%3C%2FH2%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Coming%20up%2C%20with%20your%20cloud%20and%20hybrid%20apps%20now%20increasingly%20connected%20to%20your%20data%20and%20services%2C%20we%20look%20at%20how%20you%20can%20prevent%20them%20from%20becoming%20entry%20points%20to%20cyber%20attacks%20and%20exploits%20with%20Microsoft%20app%20governance%2C%20which%20is%20now%20generally%20available.%20In%20the%20next%20few%20minutes%20I%E2%80%99ll%20walk%20through%20a%20cloud%20app-based%20attack%2C%20and%20show%20you%20how%20app%20governance%20helps%20you%20to%20quickly%20get%20visibility%20into%20the%20compliance%20posture%20of%20all%20your%20connected%20cloud%20apps%2C%20identify%20anomalous%20behaviors%20in%20risk%2C%20and%20take%20action%20to%20respond%20to%20threats.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20ml%20hz%20jf%20jg%20mm%20id%20ji%20jj%20mn%20jl%20jm%20jn%20mo%20jp%20jq%20jr%20mp%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Now%2C%20as%20more%20and%20more%20of%20us%20are%20adopting%20cloud-based%20services%2C%20creating%20connections%20between%20those%20apps%20and%20connecting%20them%20to%20data%20sources%20and%20information%20through%20APIs%20are%20a%20normal%20part%20of%20everyday%20app%20architecture%20and%20add%20a%20lot%20of%20efficiency%20and%20convenience.%20For%20example%2C%20these%20types%20of%20integrations%20are%20how%20apps%20like%20Microsoft%20Teams%20leverage%20Microsoft%20graph%20APIs%20to%20access%20key%20information%20in%20the%20Office%20substrate.%20Like%20your%20calendar%2C%20when%20you%20view%20your%20meetings%2C%20Teams%20gets%20it%E2%80%99s%20calendar%20data%20from%20Exchange%20Online.%20Or%2C%20when%20you%20create%20a%20new%20file%2C%20Microsoft%20Teams%20will%20post%20that%20file%20to%20SharePoint%20Online.%20Importantly%2C%20each%20of%20these%20cross%20app%20integrations%20include%20a%20set%20of%20parameters%3A%20what%20that%20app%20is%20permitted%20to%20access%20and%20what%E2%80%99s%20done%20with%20the%20data%2C%20like%20allowing%20read%20access%2C%20but%20maybe%20blocking%20rights%20or%20downloads.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-And%20that%E2%80%99s%20just%20an%20example%20of%20what%20we%20do%20for%20Microsoft%20apps.%20And%20you%20might%20be%20creating%20similar%20integrations%20for%20your%20in-house%20apps%2C%20where%20you%20connect%20to%20capabilities%20or%20data%20sources%20exposed%20via%20the%20Microsoft%20Graph%20or%20other%20published%20APIs%20too.%20Now%2C%20while%20this%20type%20of%20cross%20app%20connectivity%20can%20help%20improve%20productivity%2C%20optimize%20processes%2C%20and%20code%20efficiency%2C%20and%20reduce%20things%20like%20duplicated%20services%2C%20if%20you%20don%E2%80%99t%20know%20which%20apps%20are%20connected%2C%20or%20what%20they%E2%80%99re%20doing%2C%20they%20may%20end%20up%20accessing%20more%20information%20than%20they%20should%2C%20which%20then%20becomes%20a%20path%20into%20your%20organization%20for%20malicious%20actors%20to%20exploit.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-And%20the%20reality%20is%2C%20you%20may%20have%20hundreds%20or%20maybe%20thousands%20of%20cloud%20apps%20inside%20of%20your%20organization%2C%20which%20makes%20it%20almost%20impossible%20to%20test%20and%20verify%20and%20continually%20retest%20each%20and%20every%20app%20and%20keep%20a%20handle%20on%20their%20activities.%20This%20is%20where%20app%20governance%20from%20Microsoft%20comes%20in%2C%20to%20reduce%20apps%20as%20a%20potential%20attack%20vector%20by%20continually%20monitoring%20the%20operations%20they%20perform%20in%20your%20environment%2C%20and%20automatically%20and%20proactively%20disabling%20high-risk%20apps.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-To%20show%20you%20how%20this%20works%2C%20I%E2%80%99m%20going%20to%20walk%20you%20through%20how%20you%20use%20app%20governance%20to%20find%20and%20stop%20a%20real%20attack%2C%20along%20with%20what%20you%20can%20do%20to%20automatically%20respond%20to%20future%20attacks.%20Now%2C%20we%E2%80%99ll%20start%20with%20a%20common%20scenario%2C%20where%20an%20app%20has%20been%20internally%20built%20and%20forgotten%2C%20and%20the%20original%20developer%20isn%E2%80%99t%20even%20around%20anymore.%20In%20our%20case%2C%20it%E2%80%99s%20a%20trusted%20OAuth%20app%20built%20a%20few%20years%20ago%2C%20and%20it%20has%20a%20higher%20set%20of%20privileges%20than%20it%20actually%20needs%2C%20and%20isn%E2%80%99t%20used%20that%20much.%20Meanwhile%20our%20bad%20actor%2C%20targeting%20the%20organization%2C%20is%20able%20to%20get%20valid%20Microsoft%20365%20credentials%20for%20a%20privileged%20user%20via%20a%20public%20site%20that%20publishes%20breached%20passwords.%20Now%20these%20types%20of%20sites%20actually%20do%20exist%2C%20and%20are%20a%20great%20tool%20for%20hackers%2C%20even%20though%20their%20primary%20purpose%20is%20really%20to%20alert%20users%20of%20the%20impact%20of%20personal%20data%20breaches.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Next%2C%20armed%20with%20these%20credentials%2C%20our%20bad%20actor%20scans%20the%20environment%20to%20find%20our%20vulnerable%20app%20with%20its%20high%20level%20of%20permissions%2C%20and%20uses%20them%20to%20add%20another%20set%20of%20credentials%20for%20that%20app.%20Now%20this%20gives%20them%20persistent%2C%20high-privileged%20access%20with%20read%20and%20write%20permissions%20to%20high-privileged%20files%20stored%20in%20SharePoint%20and%20OneDrive.%20So%20now%2C%20they%20can%20exfiltrate%20the%20data%20that%20they%20want%2C%20mass%20download%20the%20files%20they%20want%2C%20and%20even%20modify%20them%20using%20encryption%20for%20ransom%2C%20which%20will%20infect%20the%20entire%20organization.%20By%20the%20way%2C%20similar%20to%20attacks%20that%20we%E2%80%99ve%20seen%20out%20in%20the%20wild%2C%20you%20may%20have%20noticed%20that%20our%20bad%20actor%20did%20not%20target%20the%20user%20account%20directly%2C%20which%20could%20be%20subject%20to%20things%20like%20conditional%20access%20restrictions.%20That%20way%2C%20even%20if%20the%20hacked%20user%20changes%20their%20password%20or%20enables%20multi-factor%20authentication%2C%20the%20attacker%20still%20has%20persistent%20access%20and%20IT%20is%20oblivious%20to%20unwanted%20activity%20from%20this%20trusted%20internal%20app.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Now%20let%E2%80%99s%20see%20how%20app%20governance%20then%20would%20detect%20this%20and%20help%20mitigate%20the%20risk.%20So%2C%20I%E2%80%99m%20in%20the%20app%20governance%20dashboard%2C%20and%20each%20app%20highlighted%20here%20as%20an%20OAuth-enabled%20cloud%20app%2C%20that%20can%20access%20Microsoft%20365%20data%20using%20graph%20APIs.%20Here%2C%20you%20can%20see%20apps%20with%20high%20privilege%2C%20alert%20details%20and%20also%20data%20access%20trends%20over%20time.%20Under%20top%20alerts%2C%20you%20can%20see%20that%20we%20have%20a%20high%20severity%20alert%20that%20we%20need%20to%20investigate.%20It%20was%20triggered%20by%20a%20policy%20that%20looks%20for%20excessive%20data%20usage%20with%20our%20LOB%20app.%20So%2C%20I%E2%80%99m%20going%20to%20click%20in%20here%20to%20view%20the%20threat%20and%20policy%20alerts%2C%20and%20there%E2%80%99s%20our%20anomalous%20data%20access%20alert.%20And%20now%2C%20this%20links%20me%20directly%20to%20the%20offending%20app%2C%20our%20Contoso%20file%20parser.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Now%2C%20I%E2%80%99ll%20drill%20into%20this%20alert%20to%20find%20out%20more%2C%20and%20you%E2%80%99ll%20see%20a%20complete%20view%20of%20the%20app%E2%80%99s%20behavior.%20So%20first%2C%20we%20can%20see%2C%20in%20this%20case%20our%20app%20publisher%20was%20not%20verified%2C%20and%20that%E2%80%99s%20because%20it%20was%20an%20internally-developed%20app%20from%20a%20citizen%20developer.%20Next%2C%20in%20usage%2C%20it%E2%80%99s%20found%20that%20the%20volume%20of%20data%20access%20is%20trending%20higher%20than%20usual.%20And%20this%20is%20important%2C%20because%20the%20app%20may%20have%20been%20verified%20as%20low-risk%20when%20it%20was%20initially%20authorized%2C%20but%20now%20it%E2%80%99s%20accessing%20a%20lot%20more%20data%20compared%20to%20its%20previous%20behavior.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Next%20then%20in%20users%2C%20we%20can%20see%20the%20number%20of%20consented%20users%20and%20the%20user%20with%20the%20most%20data%20usage%20also%20happens%20to%20be%20a%20priority%20user.%20Finally%2C%20the%20permissions%20granted%20to%20this%20app%20are%20very%20high.%20It%20can%20read%20and%20write%20all%20files%20stored%20in%20SharePoint%20and%20OneDrive.%20And%20this%20is%20already%20a%20significant%20risk%20in%20itself.%20So%2C%20taking%20into%20account%20all%20these%20factors%2C%20we%20can%20directly%20take%20action%20here%20and%20disable%20the%20app.%20And%20once%20I%20do%20this%2C%20it%20can%20no%20longer%20authenticate%20the%20organizations%20Microsoft%20365%20data%20or%20resources%2C%20and%20you%E2%80%99ve%20mitigated%20the%20risk%20from%20this%20point%20forward.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-And%20there%20are%20ways%20that%20I%E2%80%99ll%20show%20you%20in%20a%20moment%20to%20stop%20the%20attack%20in%20its%20tracks%2C%20before%20significant%20data%20has%20been%20compromised.%20But%20before%20we%20do%20that%2C%20let%E2%80%99s%20see%20exactly%20what%E2%80%99s%20behind%20the%20policy%20that%20detected%20our%20alert.%20I%20can%20see%20our%20policy%20here%2C%20and%20I%E2%80%99m%20going%20to%20go%20ahead%20and%20click%20edit.%20And%20in%20this%20case%2C%20the%20policy%E2%80%99s%20primary%20function%20is%20to%20detect%20whether%20data%20usage%20for%20the%20app%20is%20higher%20than%20usual.%20In%20this%20case%2C%20we%E2%80%99re%20looking%20for%20apps%20that%20access%20more%20than%20200%20MB%20of%20data%20per%20day.%20In%20fact%2C%20to%20visualize%20this%2C%20if%20we%20hop%20back%20to%20the%20data%20usage%20trend%20of%20our%20app%2C%20you%20can%20see%20that%20it%E2%80%99s%20analyzing%20the%20usage%20patterns%2C%20and%20if%20it%20exceeds%20200%20MB%20here%2C%20like%20we%20see%20what%20this%20recent%20spike%2C%20the%20alerts%20going%20to%20get%20triggered.%20And%20I%20can%20manually%20take%20action%20then%20to%20mitigate%20it.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-Now%2C%20let%20me%20show%20you%20how%20to%20proactively%20block%20the%20app%2C%20once%20app%20governance%20detects%20anomalous%20behavior.%20And%20to%20automate%20remediation%2C%20I%E2%80%99ll%20go%20to%20the%20next%20screen.%20And%20you%20can%20use%20an%20action%20to%20find%20your%20policy%20settings%20here%20to%20automatically%20disable%20the%20app%2C%20which%20neutralizes%20the%20threat%20immediately%2C%20without%20you%20having%20to%20take%20manual%20action.%20Additionally%2C%20as%20you%20would%20expect%2C%20any%20alert%20signals%20from%20app%20governance%20also%20appear%20in%20Microsoft%20Offender.%20In%20fact%2C%20here%E2%80%99s%20the%20alert%20that%20we%20just%20saw%20in%20app%20governance.%20And%20this%20can%20help%20you%20piece%20together%20the%20broader%20story%20behind%20the%20given%20attack.%20Now%2C%20we%E2%80%99ve%20also%20made%20it%20easier%20to%20enable%20and%20customize%20policies%20like%20this%20one.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-In%20fact%2C%20there%20are%20built-in%20templates%20to%20get%20you%20started%20quickly%2C%20in%20just%20a%20few%20clicks.%20This%20includes%20templates%20for%20app%20usage%2C%20which%20looks%20for%20patterns%20like%20an%20increase%20in%20app%20users%2C%20or%20higher%20than%20usual%20data%20volume.%20Another%2C%20is%20for%20high-risk%20app%20permissions%20to%20alert%20you%20of%20apps%20that%20might%20have%20more%20permission%20than%20they%20actually%20need.%20And%20the%20third%20here%2C%20is%20to%20find%20new%20apps%20that%20haven%E2%80%99t%20yet%20been%20certified%20for%20Microsoft%20365.%20And%20of%20course%2C%20you%20can%20create%20custom%20policies%20as%20you%20can%20see%20here%2C%20with%2018%20policy%20product%20kits%20available%20to%20detect%20other%20types%20of%20behavior.%20The%20good%20news%20is%2C%20once%20enabled%2C%20these%20policies%20continually%20assess%20the%20activities%2C%20the%20permissions%2C%20and%20verification%20status%20of%20each%20and%20every%20app%20connected%20to%20your%20environment%20to%20ensure%20that%20they%E2%80%99re%20behaving%20as%20intended%2C%20with%20alerts%20or%20automated%20actions%20triggered%20when%20they%20don%E2%80%99t.%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20class%3D%22ja%20jb%20hv%20jc%20b%20jd%20je%20hz%20jf%20jg%20jh%20id%20ji%20jj%20jk%20jl%20jm%20jn%20jo%20jp%20jq%20jr%20js%20jt%20ju%20jv%20dp%20is%22%20data-selectable-paragraph%3D%22%22%3E-So%20that%20was%20a%20quick%20overview%20of%20app%20governance%20and%20how%20it%20can%20help%20you%20to%20proactively%20identify%20high-risk%20apps%20connected%20to%20your%20Microsoft%20365%20services%2C%20so%20you%20can%20quickly%20take%20action.%20App%20governance%20now%20provides%20additional%20app%20behavior%20context%20in%20Microsoft%20Defender%20for%20Cloud%20Apps%2C%20formerly%20known%20as%20Microsoft%20Cloud%20App%20Security.%20You%20can%20find%20it%20and%20enable%20a%20trial%20by%20going%20to%20aka.ms%2Fappgovernance.%20It%E2%80%99s%20an%20authenticated%20link%2C%20so%20you%E2%80%99ll%20need%20to%20have%20Microsoft%20365%20admin%20center%20privileges%20to%20sign%20up.%20And%20to%20learn%20more%2C%20check%20out%20aka.ms%2Fappgovernancedocs%2C%20And%20subscribe%20to%20Microsoft%20Mechanics%20if%20you%20haven%E2%80%99t%20already.%20And%20thank%20you%20so%20much%20for%20watching.%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3C%2FSECTION%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2910513%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EPrevent%20your%20cloud%20and%20hybrid%20apps%20from%20becoming%20entry%20points%20to%20cyber%20attacks%20and%20exploits%20with%20Microsoft%20app%20governance%2C%20now%20generally%20available.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2910513%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EMicrosoft%20app%20governance%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Version history
Last update:
‎Nov 01 2021 01:19 PM
Updated by: