SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal

Let’s discuss SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal. Microsoft announced many exciting innovations in Microsoft Defender for cloud Apps to help address the challenges of SaaS apps.

SaaS apps are widely used and are becoming increasingly important in modern organizations. However, they also face many challenges. Due to their widespread use, security teams must manage their configurations and maintain a strong security posture.

Have you heard about OAuth Apps? OAuth is a security solution designed to enhance organizations’ security. However, the security of OAuth apps is also challenging. Some attackers use OAuth apps to sneak into systems. Therefore, your organization’s security teams must monitor OAuth apps, manage permissions, and control unauthorized app usage.

In this blog post, we will discuss how to prevent SaaS-related threats, gain deep visibility into OAuth apps to secure app-to-app interactions and enhance operational efficiency for managing SaaS security, from permission management to shadow IT governance.

Patch My PC
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal - Fig.1
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Fig.1

Ensure SaaS Landscape Security with Latest Innovations of Defender for Cloud Apps

Microsoft launched many innovations in Defender for Cloud Apps. Together, we can go through each innovation. The innovations are the SaaS security initiative, Enhanced visibility into OAuth apps, and Streamlined its operations.

SaaS Security Initiative

The SaaS Security Initiative is an innovation developed by Microsoft Security Exposure Management. It is designed to provide best-practice recommendations and an easy way for security teams to prioritize the most important controls. The following list shows the key points of the SaaS Security Initiative.

  • It has a new homepage with the SaaS security posture management experience in the Defender portal.
  • It views your SaaS security coverage, health, configuration, and performance.
  • It consolidates all best-practice recommendations for configuring SaaS apps into 12 metrics, enabling security teams to efficiently manage and prioritize many security recommendations.
  • Based on each recommendation’s impact on your overall security, giving you an easy way to prioritize.
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal - Fig.2 Creds to MS
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Fig.2 Creds to MS

Enhanced Visibility into OAuth Apps

In January, the Microsoft security team detected a nation-state attack leveraging OAuth apps to infiltrate corporate systems. Threat actors misuse the OAuth app to infiltrate cloud environments and conduct post-compromise activity like email collection.

OAuth faces a unique challenge in that users often treat them as “set and forget” actions and lack visibility into the level of permissions and privileges granted to them. Enhanced visibility into OAuth apps within Defender for Cloud Apps to help security teams set effective controls and mitigate risks.

ImprovementsDetails
Visibility into app originsWith the new pp origin functionality in Defender for Cloud Apps, security teams can gain visibility into the origins of OAuth apps connected to their Microsoft 365 environment.
They can also create custom policies to monitor and get alerted on apps with external origins to proactively review such apps and improve the organisation’s security posture.
Expanded Visibility into App Privilege LevelsThe expanded visibility gives security teams a complete view of app permissions and enables them to view and monitor.
Permissions filter and export capabilitiesPermissions filter and export capabilities help security teams efficiently identify apps with specific permissions, such as Mail.Read, Mail.ReadWrite, and Files.ReadWrite, to access Microsoft 365.
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Table.1
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal - Fig.3 Creds to MS
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Fig.3 Creds to MS

Streamlined SaaS Security Operations

Defender for Cloud Apps introduces some new capabilities to streamline its operations. These include Cloud apps integration with Defender XDR’s unified RBAC model, Discovered apps Graph API, and Enhanced block page experience.

New CapabilitiesDetails
Cloud app integration with Defender XDR’s unified RBAC modelDefender for Cloud Apps is now integrated with the unified role-based access control (RBAC) model in Defender XDR to Manage permissions across various workloads in large organizations.
Discovered apps Graph APIDiscovered apps Graph API enables scalable Shadow IT management by allowing you to query and retrieve data on discovered apps programmatically.
Enhanced block page experienceTo differentiate between apps blocked by organization’s IT team and malicious apps blocked by SmartScreen by end users, Microsoft introduced an enhanced block screen experience.
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Table.2
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal - Fig.4 Creds to MS
SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal – Fig.4 Creds to MS

Need Further Assistance or Have Technical Questions?

Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.   

Resource

Ignite news: Secure your SaaS landscape with the latest Defender for Cloud Apps innovations

Author

Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc. 

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.