Let’s discuss SaaS Security Initiative Your New Homepage for SaaS Security Management in the Defender Portal. Microsoft announced many exciting innovations in Microsoft Defender for cloud Apps to help address the challenges of SaaS apps.
SaaS apps are widely used and are becoming increasingly important in modern organizations. However, they also face many challenges. Due to their widespread use, security teams must manage their configurations and maintain a strong security posture.
Have you heard about OAuth Apps? OAuth is a security solution designed to enhance organizations’ security. However, the security of OAuth apps is also challenging. Some attackers use OAuth apps to sneak into systems. Therefore, your organization’s security teams must monitor OAuth apps, manage permissions, and control unauthorized app usage.
In this blog post, we will discuss how to prevent SaaS-related threats, gain deep visibility into OAuth apps to secure app-to-app interactions and enhance operational efficiency for managing SaaS security, from permission management to shadow IT governance.
Table of Contents
Ensure SaaS Landscape Security with Latest Innovations of Defender for Cloud Apps
Microsoft launched many innovations in Defender for Cloud Apps. Together, we can go through each innovation. The innovations are the SaaS security initiative, Enhanced visibility into OAuth apps, and Streamlined its operations.
- Microsoft Security Exposure Management using Defense Techniques
- Top 5 Data Security Challenges DLP Productivity eBook Download for Free
- Learn About 8 Common Cyber Security Threats
SaaS Security Initiative
The SaaS Security Initiative is an innovation developed by Microsoft Security Exposure Management. It is designed to provide best-practice recommendations and an easy way for security teams to prioritize the most important controls. The following list shows the key points of the SaaS Security Initiative.
- It has a new homepage with the SaaS security posture management experience in the Defender portal.
- It views your SaaS security coverage, health, configuration, and performance.
- It consolidates all best-practice recommendations for configuring SaaS apps into 12 metrics, enabling security teams to efficiently manage and prioritize many security recommendations.
- Based on each recommendation’s impact on your overall security, giving you an easy way to prioritize.
Enhanced Visibility into OAuth Apps
In January, the Microsoft security team detected a nation-state attack leveraging OAuth apps to infiltrate corporate systems. Threat actors misuse the OAuth app to infiltrate cloud environments and conduct post-compromise activity like email collection.
OAuth faces a unique challenge in that users often treat them as “set and forget” actions and lack visibility into the level of permissions and privileges granted to them. Enhanced visibility into OAuth apps within Defender for Cloud Apps to help security teams set effective controls and mitigate risks.
Improvements | Details |
---|---|
Visibility into app origins | With the new pp origin functionality in Defender for Cloud Apps, security teams can gain visibility into the origins of OAuth apps connected to their Microsoft 365 environment. |
They can also create custom policies to monitor and get alerted on apps with external origins to proactively review such apps and improve the organisation’s security posture. | |
Expanded Visibility into App Privilege Levels | The expanded visibility gives security teams a complete view of app permissions and enables them to view and monitor. |
Permissions filter and export capabilities | Permissions filter and export capabilities help security teams efficiently identify apps with specific permissions, such as Mail.Read, Mail.ReadWrite, and Files.ReadWrite, to access Microsoft 365. |
- 2024 Cybersecurity Certifications for IT Professionals
- 40% of All Incoming emails Pose a Potential Cybersecurity Threat
- Microsoft Cloud Security Benchmark Guide MCSB with Control Domain Security Principle Azure AWS Guidance
Streamlined SaaS Security Operations
Defender for Cloud Apps introduces some new capabilities to streamline its operations. These include Cloud apps integration with Defender XDR’s unified RBAC model, Discovered apps Graph API, and Enhanced block page experience.
New Capabilities | Details |
---|---|
Cloud app integration with Defender XDR’s unified RBAC model | Defender for Cloud Apps is now integrated with the unified role-based access control (RBAC) model in Defender XDR to Manage permissions across various workloads in large organizations. |
Discovered apps Graph API | Discovered apps Graph API enables scalable Shadow IT management by allowing you to query and retrieve data on discovered apps programmatically. |
Enhanced block page experience | To differentiate between apps blocked by organization’s IT team and malicious apps blocked by SmartScreen by end users, Microsoft introduced an enhanced block screen experience. |
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Resource
Ignite news: Secure your SaaS landscape with the latest Defender for Cloud Apps innovations
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.