Add custom apps to Cloud Discovery

Note

Microsoft Defender for Cloud Apps (previously known as Microsoft Cloud App Security) is now part of Microsoft 365 Defender. The Microsoft 365 Defender portal allows security admins to perform their security tasks in one location. This will simplify workflows, and add the functionality of the other Microsoft 365 Defender services. Microsoft 365 Defender will be the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure. For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.

Cloud Discovery analyzes your traffic logs against the Defender for Cloud Apps catalog. Over 31,000 cloud apps are in the Cloud App Catalog. The catalog contains publicly available cloud apps only, for which Defender for Cloud Apps provides visibility and risk information.

To gain visibility into cloud apps that are excluded from the Cloud App Catalog, Defender for Cloud Apps enables you to discover use of custom cloud apps (LOB apps) that were developed or assigned specifically for your organization.

By adding a new custom cloud app, Defender for Cloud Apps can match uploaded firewall and proxy traffic log messages to the app and then provide you with visibility into the use of this app across your organization in the Cloud Discovery pages, such as how many users use the app, how many unique source IP addresses use it, and how much traffic is transmitted to and from the app.

Add a new custom cloud app

  1. In the Defender for Cloud Apps portal, select Discover and then Cloud Discovery dashboard.

    cloud discovery dashboard menu.

  2. In the top right corner, select the three dots and then select Add new custom app.

    add custom app menu.

  3. Fill in the fields to define the new app record that will be listed in the Cloud App Catalog and in Cloud Discovery after it's discovered in your firewall logs.

    custom app.

  4. Under Domains, fill in the unique domains that are used when accessing the custom app. These domains are used to match traffic log messages to this app. If the data source you're using doesn't have app URL information, make sure you fill in the IPv4 and IPv6 address fields.

  5. Add the Hosting platform and Azure Subscription ID. Optionally, specify the app's Business unit.

  6. Assign a risk Score and add App Notes to help you track changes for this record.

  7. Select Create.

After the app is created, it's available for you in the Cloud App Catalog.

At any time, you can select the three dots at the end of the row to edit or delete a custom app.

Note

Custom apps are automatically tagged with the Custom app tag after you add them. This app tag cannot be removed. In order to view all your custom apps, set the App tag filter to be equal to Custom app.

Next steps

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.