Classic portal: Working with the dashboard
Note
Microsoft Defender for Cloud Apps is now part of Microsoft Defender XDR, which correlates signals from across the Microsoft Defender suite and provides incident-level detection, investigation, and powerful response capabilities. Automatic redirection from the classic portal is on by default for all customers.
Starting June 16th, 2024, the redirection toggle to switch back to the clasisc portal will no longer be available. From then on, all users accessing the classic Microsoft Defender for Cloud Apps portal will be automatically rerouted to the Microsoft Defender portal, with no option to opt-out.
To prepare for this change, we recommend that any customers still using the classic portal move operations to the Microsoft Defender portal. For more information, see Microsoft Defender for Cloud Apps in the Microsoft Defender portal.
This article describes what you should do with Defender for Cloud Apps daily.
Check the dashboard
The information presented in the dashboard is an overview of all the most important information about your organization. Each information card provides links to a deeper investigation of the information presented. You can also choose to view the dashboard information for a specific app using the filter provided.
What can you expect to see in the dashboard?
Open alerts
Shows the number of open alerts, a graph of the alert status distribution, and recent alertsDiscovered apps
Shows the number of discovered apps, a graph of the app risk distribution, and the top app categories by traffic.Top users to investigate
Shows the number of users to investigate and the users with the highest investigation priority.Conditional Access App Control
Shows the number of apps protected by Conditional Access App Control as well as the number of protected sessions and actions over the last 30 days.App connectors status
Shows the number of API connected app instances and their status.Files infected with malware
Shows the number of files infected with malware.Privileged Microsoft 365 OAuth apps
Shows the number of rarely used OAuth apps granted highly privileged permissions.Azure security configuration
Shows the number and severity of Azure security configuration recommendations.AWS security configuration
Shows the number and severity of AWS security configuration recommendations.DLP alerts
Shows a graph of DLP alerts over the last 30 days.
Next steps
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for