What are the differences between Microsoft Defender for Cloud Apps and Office 365 Cloud App Security?
Microsoft Defender for Cloud Apps is now part of Microsoft 365 Defender and can be accessed through its portal at: https://security.microsoft.com. Microsoft 365 Defender correlates signals from the Microsoft Defender suite across endpoints, identities, email, and SaaS apps to provide incident-level detection, investigation, and powerful response capabilities. It improves your operational efficiency with better prioritization and shorter response times which protect your organization more effectively. For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.
This article describes the differences between Defender for Cloud Apps and Office 365 Cloud App Security.
For information about licensing, see the Microsoft 365 licensing datasheet.
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution bringing deep visibility, strong data controls, and enhanced threat protection to your cloud apps. With this service, you can gain visibility into Shadow IT by discovering cloud apps in use. You can control and protect data in the apps once you sanction them to the service.
Office 365 Cloud App Security
Office 365 Cloud App Security is a subset of Microsoft Defender for Cloud Apps that provides enhanced visibility and control for Office 365. Office 365 Cloud App Security includes threat detection based on user activity logs, discovery of Shadow IT for apps that have similar functionality to Office 365 offerings, control app permissions to Office 365, and apply access and session controls. Office 365 Cloud App Security has access to all of the features of Microsoft Defender for Cloud Apps, but supports only the Office 365 app connector.
Office 365 Cloud App Security is accessed through the same portal as Microsoft Defender for Cloud Apps. It is bundled with the Office 365 E5 subscription. Depending on your license, you'll either have access to Office 365 Cloud App Security or the entire Defender for Cloud Apps solution.
|Capability||Feature||Microsoft Defender for Cloud Apps||Office 365 Cloud App Security|
|Cloud Discovery||Discovered apps||31,000 + cloud apps||750+ cloud apps with similar functionality to Office 365|
|Deployment for discovery analysis||Manual log upload|
|Log anonymization for user privacy||Yes|
|Access to full Cloud App Catalog||Yes|
|Cloud app risk assessment||Yes|
|Cloud usage analytics per app, user, IP address||Yes|
|Ongoing analytics & reporting||Yes|
|Anomaly detection for discovered apps||Yes|
|Information Protection||Data Loss Prevention (DLP) support||Cross-SaaS DLP and data sharing control||Uses existing Office DLP (available in Office E3 and above)|
|App permissions and ability to revoke access||Yes||Yes|
|Policy setting and enforcement||Yes|
|Integration with Azure Information Protection||Yes|
|Integration with third-party DLP solutions||Yes|
|Threat Detection||Anomaly detection and behavioral analytics||For Cross-SaaS apps including Office 365||For Office 365 apps|
|Manual and automatic alert remediation||Yes||Yes|
|SIEM connector||Yes. Alerts and activity logs for cross-SaaS apps.||For Office 365 alerts only|
|Integration to Microsoft Intelligent Security Graph||Yes||Yes|
|Conditional Access App Control||Real-time session monitoring and control||Any cloud and on-premises app||For Office 365 apps|
|Cloud Platform Security||Security configurations||For Azure, AWS, and GCP||For Azure|
- Read about the basics in Getting started with Defender for Cloud Apps.
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.
Submit and view feedback for