Learn about app threat detection and remediation
Use app governance with Microsoft Defender for Cloud Apps in Microsoft Defender XDR to:
Monitor the threat alerts generated by built-in app governance detection methods for malicious app activities and policy-based alerts generated by active app policies that you create.
These alerts can indicate anomalies in app activity and when noncompliant, malicious, or risky apps are used. You can also use patterns in alerts to create new app policies or modify the settings of existing policies for more restrictive actions.
Remediate alerts, either manually after investigation, or automatically through the action settings on active app policies.
Supported roles
For more information, see App governance administrator roles.