Cloud App Security

Welcome! You can use this site to give feedback directly to our engineering teams that build the security products you rely on. You can suggest features or design changes, and vote on suggestions others have made. If you would like to further engage our engineering teams, please join our Security Community by visiting https://aka.ms/SecurityCommunity.

To learn more about Microsoft Cloud App Security or try it out, visit the product page.

  1. The ability to apply JIT on a VM to an Azure Firewall while both resources are residing in different subscriptions.

    We are using a Hub and Spoke architecture; because of some customer requirements, we have different subscriptions for our Hub and Spokes.

    HubSubscription
    In this subscription we have our Azure Firewall, and this firewall has public IPs assigned to it.

    SpokeSubscription
    In this subscription we have a VM. We enable JIT on this VM; this VM has no NSG, and we have now deployed a UDR to route all traffic to our Azure Firewall.

    The above subscriptions both have their own vNET, and they are peered together in combination with UDR to provide connectivity.

    We would like to use JIT from the VM in…

    21 votes
    0 comments  ·  I am a partner
  2. Disable app connector by customer

    It would be very nice if you could disable app connector by yourself.

    16 votes
    1 comment  ·  I am an employee of Microsoft
  3. Display MAC address

    Since the IP address is dynamically distributed, the terminal cannot be accurately identified by the IP address. I want to be able to display the MAC address.

    17 votes
    0 comments  ·  I am a customer
  4. Extended File Metadata Support

    Cloud App Security does not currently support the extended file metadata that is saved to a file when it is stored in a SharePoint Online document library. This would be hugely beneficial when applying File policies to existing SharePoint libraries that make use of custom selection properties for files.

    32 votes
    1 comment  ·  I am a customer
  5. MCAS

    This is for MCAS.

    1) Analysts should be able to assign the alerts to their name, so that other analysts can see who had assigned that alert.
    2) Analysts should be able to add comments to the alert; currently an alert can be added only while resolving or dismissing an alert.

    Regards,
    Dhirendra

    4 votes
    1 comment  ·  I am a customer
  6. Modify a specification of impersonated activity detection.

    As for impersonated activity detection on Cloud App Security, there is one strange operation as follows.


    1. When a team is created on Microsoft Teams, Office 365 Groups with mailbox and email address are generated automatically.

    2. If a general user posts something on its team, the posting will be saved in the Office 365 Groups mailbox with the Office 365 Groups email address.

    3. It is the user who posted. On the other hand, it is the Office 365 Groups email address that saved the post in the mailbox. Therefore, it is detected as an impersonated activity and an alert is triggered.

    28 votes
    2 comments  ·  I am a customer
  7. Allow suspension of accounts to work with on-prem AD

    Currently this is the case:
    If your Azure Active Directory is set to automatically sync with the users in your Active Directory on-premises environment, the settings in the on-premises environment override the Azure AD settings and use of the Suspend user governance action is reverted.
    For people with on-prem AD this is actually useless and provides no security for our data. The solution would be to still allow blocking sign-ins and, where this attribute was set by Cloud App Security, not allow AD sync to override it. Without this capability there is no protection for on-prem AD customers.

    9 votes
    1 comment  ·  I am a customer
  8. Better SharePoint filters

    SharePoint filtering is very limited. I cannot, for instance, filter on a site and subsites, or a site collection. If I wanted to apply a HIGHLY RESTRICTED AIP Label to a site collection that was Highly secure or restricted, I would have to parse and loop through all folders within the document libraries within a site and any subsites manually.

    3 votes
    0 comments  ·  I am an employee of Microsoft
  9. Configuration for outdated user agents

    It would be beneficial to be able to configure what user agents are considered outdated, in terms of how outdated it is. For example, raise an alert if the user agent is outdated for 3 months.
    While it's ideal to have the latest browser versions, it's not always possible.

    3 votes
    0 comments  ·  I am a customer
  10. Allow users to be assigned to alerts, and be able to leave comments on alerts

    I would like me and my team to be able to either assign alerts in MCAS to a security team member or allow some type of comments/notes for an alert to help track progress when investigating this alert, instead of using outside tools to track the progress.

    2 votes
    0 comments  ·  I am a customer
  11. There are two "App Connectors" items on health state of CAS.

    We can check the health state of CAS below.
    https://status.cloudappsecurity.com/

    You can see two "App connectors" items on the US2 data center. If there are any differences between them, we need an explanation. Or it is supposed to be fixed if it's a careless mistake.

    2 votes
    0 comments  ·  I am an employee of Microsoft
  12. Show Health State graphically as a Government Data Center

    We can check the health state on the website below.
    https://status.cloudappsecurity.com/

    There is a difference between "Gov US1" and others. I understand there are stricter requirements for the government data center. But if all data centers' states were shown graphically like the gov one, users could see them much more easily and quickly.

    2 votes
    0 comments  ·  I am an employee of Microsoft
  13. Want more details about health state of CAS

    Actually, we already have a status site for CAS.
    https://status.cloudappsecurity.com/

    But there are no explanations of those items. (There are Docs, but not enough, to be honest.)
    https://docs.microsoft.com/en-us/cloud-app-security/troubleshooting-status

    CAS users must be happy if there is a website that explains them.

    2 votes
    0 comments  ·  I am an employee of Microsoft
  14. Overwrite existing labels using MCAS AIP integration

    We would like the ability to overwrite existing AIP labels using MCAS automatic AIP integration. A use case would be to replace a less-restrictive label with a more restrictive one upon upload/download.

    2 votes
    0 comments  ·  I am a customer
  15. Add MCAS reporting to PowerBI

    Management needs to be informed about the effects, results and actions taken via MCAS during the past month. Please add a reporting template to support this governance process.
    In addition, it would be nice to have this available as a content pack for PowerBI.

    10 votes
    0 comments  ·  I am a partner
  16. Security Center - do not raise critical alerts when a common port is open to the world

    Our Security dashboard is polluted by alerts when we have common ports on our VMs (like 443, 80 or 1194 (openvpn)) open to the world. The recommendations raising these alerts are:

    "All network ports should be restricted on NSG associated to your VM"

    "Network Security Group rules for Internet facing virtual machines should be hardened"

    It's easy to miss a real problem / real issue with an open port if we constantly see these alerts as red because common ports are open.

    Please add some port-whitelist feature where common ports will not be alerting and where customers could also add…

    1 vote
    0 comments  ·  I am a customer
  17. Do not automatically copy alerts to Security & Compliance Center

    Please disable whatever connector automatically copies all CAS alerts into Security and Compliance Center.

    1 vote
    0 comments  ·  I am a customer
  18. Ability to filter 'Stale externally shared files' policy further to check for any additional activities besides modification

    The current definition of this policy is 'Alert when an externally shared file that haven't been modified for at least 6 months is detected.' This policy does not seem to accurately account for the fact that a file could still be active if other activities are occurring such as sharing, copying, accessed, etc. Modification of a file is only one of many activities that can be performed on a file that should factor into whether a file is considered stale or not.

    1 vote
    0 comments  ·  I am a customer
  19. Ability to detect and prevent external sharing of sensitive data on the fly like other CASB solutions

    As of today, MCAS detects and removes external links from sensitive content once it scans the file. This could take mins to an hour. I did a POC with McAfee and they prevent the external link from being shared in the first place. The external domain user doesn't even receive an email with the file being shared.

    3 votes
    0 comments  ·  I am a customer
  20. Ability to detect MFA

    Detect MFA, and output an alert if MFA is not performed.

    3 votes
    0 comments  ·  I am an employee of Microsoft