MC937932 - Microsoft Defender for Cloud Apps: New SaaS Security Initiative in the “Exposure management” experience

Service

Microsoft Defender XDR

Last Updated

Nov 25, 2024

Published Nov 19, 2024

Tag

Feature update
Admin impact

More information

Coming soon for Microsoft Defender for Cloud Apps: The SaaS Security Initiative, a new capability designed to change the way our customers consume SaaS security posture recommendations that consolidates best-practice recommendations for configuring SaaS applications.

When this will happen:

General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by late November 2024.

How this will affect your organization:

Why do you need this?

The SaaS Security Initiative provides a centralized location for all SaaS Security best practices. It is designed to help our customers manage and prioritize security recommendations effectively. By starting with the metrics that hold the highest weight, customers can efficiently enhance their SaaS Security posture.

What is it?

The SaaS Security Initiative serves as the new homepage for SSPM (SaaS Security Posture Management), consolidating all best-practice recommendations into 12 measurable metrics. These metrics enable our customers to efficiently manage and prioritize the large number of security recommendations.

How does it work?

  1. Go to Defender for Cloud Apps > Exposure management > Select Initiatives > Select the SaaS security initiative > Select Open initiative page to access the Security metrics view. The Security metrics page displays 12 measurable metrics that categorize hundreds of best-practices recommendations.
  2. We recommend you begin working on a metric with a High weight. For example, to review all best-practices recommendations related to SaaS-to-SaaS interactions, select the metric called Missing best practices to secure apps interacting with other apps via oAuth protocol.
  3. Select a Not compliant recommendation and follow the remediation steps.

This new feature will be on by default.

What you need to do to prepare:

To take full advantage of the SaaS Security Initiative, you must have a license for Defender for Cloud Apps and enable at least one connector in Defender for Cloud Apps. We recommend you enable the Microsoft 365 connector to seamlessly view more than 60 recommendations.
To learn more on app-connectors enablement: https://learn.microsoft.com/defender-cloud-apps/enable-instant-visibility-protection-and-governance-actions-for-your-apps

This rollout will happen automatically by the specified date with no admin action required before the rollout.

Learn more: SaaS security initiative - Microsoft Defender for Cloud Apps | Microsoft Learn