Security configuration overview


Microsoft Defender for Cloud Apps (previously known as Microsoft Cloud App Security) is now part of Microsoft 365 Defender. The Microsoft 365 Defender portal allows security admins to perform their security tasks in one location. This will simplify workflows, and add the functionality of the other Microsoft 365 Defender services. Microsoft 365 Defender will be the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure. For more information about these changes, see Microsoft Defender for Cloud Apps in Microsoft 365 Defender.

Microsoft Defender for Cloud Apps provides you with security configuration assessments for your Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP) and other SaaS applications. Recommendations cover all Azure subscriptions, AWS accounts including member accounts, and all GCP projects that are connected to your organization. This multi-cloud view of all cloud platform security configuration recommendations enables security admins to investigate all security configuration gaps in Defender for Cloud Apps.

Use the following links to get more details about the different assessment types.

  • Azure recommendations: Azure best practices security recommendations consumed from Microsoft Defender for Cloud.
  • AWS recommendations: Security recommendations based on the Center for Internet Security (CIS) benchmark for AWS, version 1.2.0, consumed from AWS Security Hub.
  • GCP recommendations: Security recommendations based on the CIS benchmark for GCP, version 1.1.0, consumed from Google Security Command Center and Security Health Analytics.
  • SaaS applications: Security recommendations for different SaaS applications based on Microsoft benchmarks.

Security recommendations report

Defender for Cloud Apps lets you export a details list of security recommendations to help you monitor, understand, and customize your cloud environments to better protect your organization.

To export a security recommendations list, perform the following steps:

  1. In Defender for Cloud Apps, browse to Investigate > Security configuration.

  2. Select the security recommendations tab for the relevant cloud.

  3. On the top-right of the recommendations table, select Export.

Next steps

If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.