Microsoft is aiming to deliver full protection of cloud-based software applications by extending the cloud app security posture management capabilities of Microsoft Defender for Cloud Apps to more critical apps in use today.
Some of those apps included in Microsoft’s announcement are Microsoft 365, Salesforce, ServiceNow, Okta, GitHub and more. In a preview starting today, Defender for Cloud Apps provides SaaS security posture management (SSPM) for those apps and others, and Microsoft is also expanding the depth of assessments and capabilities for each application.
According to a Microsoft blog, new capabilities include seamless integration with the Defender for Cloud Apps connector experience. Organizations with connections between those aforementioned apps to Defender for Cloud will see the new SSPM capabilities automatically light up without any further deployment.
It will also recommend actions based on industry standards, such as the Center for Internet Security, and follow best practices set by the specific app provider. Microsoft lists the Salesforce Security Health Check as an example.
To prevent attacks from exploiting the OAuth attack vector in used apps, Microsoft says the company will soon be releasing a new capability that will allow security teams to gain visibility into unused apps, credentials and expired credentials. This will be identified by Microsoft Azure Active Directory, giving teams the ability to see vulnerabilities and implement a predefined policy with detailed remediation actions to help resolve those potential risks.
The company says Defender for Cloud Apps is natively integrated in Microsoft 365 Defender, giving security teams more context to help prioritize their investigations. The XDR technology correlates signals from the Microsoft Defender suite across endpoints, identities, email, and SaaS apps to provide incident-level detection, investigation, and response capabilities like automatic attack disruption.
“The integration of SaaS security into an XDR experience gives SOC teams full kill chain visibility and improves operational efficiency with better prioritization and shorter response times to ultimately protect the organization more effectively,” the company says.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply