Lifecycle management strategy in Defender for Cloud Apps
Microsoft Defender for Cloud Apps (previously known as Microsoft Cloud App Security) is now part of Microsoft 365 Defender. The Microsoft 365 Defender portal allows security admins to perform their security tasks in one location. This will simplify workflows, and add the functionality of the other Microsoft 365 Defender services. Microsoft 365 Defender will be the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure. For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.
By using a lifecycle management strategy, you can ensure your configurations, exclusions, and policies for Microsoft Defender for Cloud Apps remain up to date and are reviewed on an established cadence.
Remember to also check What's New in Defender for Cloud Apps to stay current with new features and releases.
To best maintain Defender for Cloud Apps posture, regularly follow the recommendations below:
Role-based access controls
- Review any users that have access to the Defender for Cloud Apps portal and verify role need
- Inventory external users with access to your environment and determine validity
- Add applications for additional control and visibility
- Remove old user/group exclusions from Conditional Access policy
- Update SAML certificate for third-party identity provider annually
- Verify app onboarding members
- Remove unneeded custom policies
- Review new policy templates
- Enhance policy strategy to determine what can be a saved query versus what requires an alert
- Ensure labeling strategy is in line with current Security and Compliance configuration
- Review managed domains
- Verify current IP ranges for Corporate and VPN
- Verify App Tag strategy and add/remove as needed
- Check rights on admin quarantine folder
- Adjust score metrics based on industry best practices
- Review members allowed to view private activities
- Verify integrations are enabled:
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.
Submit and view feedback for