Classic portal: Security posture management for SaaS apps
Note
This docset refers to the Microsoft Defender for Cloud Apps classic portal. Microsoft Defender for Cloud Apps is now part of Microsoft Defender XDR, which correlates signals from across the Microsoft Defender suite and provides incident-level detection, investigation, and powerful response capabilities.
As of June 2024, all customers using the classic Defender for Cloud Apps portal are automatically redirected to Microsoft Defender XDR, with no option to revert back to the classic portal. For more information, see Microsoft Defender for Cloud Apps in Microsoft Defender XDR and the Microsoft Defender for Cloud Apps documentation.
Your SaaS application environments may be configured in a risky posture. Microsoft Defender for Cloud Apps provides you with risk security configuration assessments for your SaaS applications to make sure you prevent possible risks. These recommendations are shown via Microsoft Secure Score once you have a connector to an application.
Prerequisites
Your organization must have Microsoft Defender for Cloud Apps licenses.
Note
- SaaS Security Posture Management for non-Microsoft applications is currently in public preview for every customer with Defender for Cloud Apps. At General Availability the licensing of this capability may be changed.
How to enable SaaS apps security posture management
You should connect the app that you want to manage to Defender for Cloud Apps. For connection guides to every app, see the connecting an app pages.
Note
- Currently only Salesforce and ServiceNow are supported with SaaS Security Posture Management Capabilities.
- It's possible to configure one instance for each app.
After you connected the application via Defender for Cloud Apps, make sure the connector is set to show data in Microsoft Secure Score. To verify it, in Defender for Cloud Apps portal, under Connected apps, open the instance drawer and make sure there is a field Secure Score insights: Main instance.
If the instance is not set as the Secure Score main instance, you can set it by selecting the three dots and selecting Set as Microsoft Secure Score instance.
How to manage your SaaS apps security posture
The security recommendations will be shown automatically in Microsoft Secure Score. Navigate to the Microsoft Defender Portal. Under the navigation bar, select Secure score, and go to Recommended actions tab.
Filter the desired product to see its security controls.
When selecting the control, you'll find its description and status.
To see a step-by-step remediation guide for risky controls, go to the Implementation tab in the control side pane.
Note
- The recommendations are based on Microsoft benchmarks.
- Score updates may take up to 24 hours.
Next steps
If you run into any problems, we're here to help. To get assistance or support for your product issue, please open a support ticket.