Microsoft Cloud App Security and Windows Defender ATP – better together

Based on Microsoft research, enterprises today have an average of 1,100 cloud applications in their organization, with IT unaware of 61% of the cloud services that users access.
Sourcing from a cloud app catalog of more than 16,000 applications, Discovery in Microsoft Cloud App Security (MCAS), Microsoft Cloud Access Security Broker (CASB) solution identifies the cloud apps that are being used in your organization, provides risk assessments, ongoing analytics and lifecycle management capabilities to control the use.
Microsoft Cloud App Security now uniquely integrates with Windows Defender Advanced Threat Protection (ATP) to enhance the Discovery of Shadow IT in your organization and extend it beyond your corporate network. CASB can now leverage the traffic information collected by the Windows Defender ATP, no matter which network users are accessing cloud apps from. This seamless integration does not require any additional deployment and gives admins a more complete view of cloud app- and services usage in their organization.

How it works

Windows Defender ATP is an integrated part of Windows 10 Enterprise E5. To leverage the existing sensors and send traffic information to Microsoft Cloud App Security, you need to enable this integration via a simple toggle in the Windows Defender Security Center. Windows Defender ATP will then continuously log resource usage from all Windows 10 machines that are onboarded to the service, and report it back to Microsoft Cloud App Security, with signals shared via the Microsoft Intelligent Security Graph.
To get started, admins can go to the Advanced settings page in the Windows Defender Security Center. All you need to do, is activate a single button to enable the connection – and MCAS will start pulling the information immediately.
wdatp3.pngImage 1: Activate Microsoft Cloud App Security in the Windows Defender Security Center