Cloud App Security

Welcome! You can use this site to give feedback directly to our engineering teams that build the security products you rely on. You can suggest features or design changes, and vote on suggestions others have made. If you would like to further engage our engineering teams, please join our Security Community by visiting https://aka.ms/SecurityCommunity.

To learn more about Microsoft Cloud App Security or try it out, visit the product page.

How can we improve Cloud App Security?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Extended File Metadata Support

    Cloud App security does not currently support the extended file metadata that is saved to a file when it is stored on a SharePoint Online document library. This would be hugely beneficial with applying File policies to existing SharePoint libraries that make use of custom selection properties for files.

    29 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  2. Modify a specification of impersonated activity detection.

    As for impersonated activity detection on Cloud App Security, there is one strange operation as follows.

    1. When a team is created on Microsoft Teams, Office 365 Groups with mailbox and email address are generated automatically.
    2. If a general user posts something on its team, the posting will be saved in the Office 365 Groups mailbox with the Office 365 Groups email address.
    3. It is the user who posted. On the other hand, it is the Office 365 Groups email address that saved the post in the mailbox. Therefore, it is detected as an impersonated activity and an…

    18 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to use variables in notification messages

    It would be nice to be able to use variables in notification messages to make them a bit more meaning full e.g.

    Hi %Owner%,
    Contoso has detected you have saved the file %file name%, this file contains sensitive personal information to %app%.

    The following actions have been taken to protect this information

    - File has been made private
    - Any shares with users external to GA have been removed.

    Regards
    Contoso

    This would offer users more meaningful messages and could reduce the amount of policies required as One policy could be used for multiple apps.
    The other option would be…

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  4. I want to search the activity log that contains a specific string in the file name.

    I want to search the activity log that contains a specific string in the file name.
    For example, you want to search for activities that contain "secret" in the file name, and list the most recently accessed activities of highly sensitive files.
    The current scheme only allows forward, backward, and exact matches of filenames.

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add MCAS reporting to PowerBI

    Management needs to be informed about the effects, results and actions taken via MCAS during the past month. Please add a reporting template to support this governance process.
    In addition, it would be nice to have this available as a content pack for PowerBI.

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  6. Activity Policy - Ability to Filter Location by City and/or State

    For activity policies, we would like to see the ability to filter by location using city and/or state metadata; not just by country. For example, when scanning for all US based activities (actions/logins), we receive alerts all US based ISP's. I can utilize categories or tags to create lists of known trusted corporate IP addresses, but when employees log in from home, hot spots, airports, etc.…we end up with 1000’s of potential false positives. If I could filter based on city, that would help eliminate triggering governance for 1000’s of false positives. For now, I am stuck only looking for…

    6 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improvements to cloud app security

    cloud app security has the potential to be a great app but currently it's lacking.

    Alerting - this tool should notify of issues

    Connector control - the app connectors are unconfigurable which is crazy you should be able to adjust API calls or delete connectors

    False positives - you should be able to mark a behaviour as a false positive like in the case of box it views in line edits as downloads

    Log collectors - I couldn't even get this working with the Sophos XG

    Apps - there needs to be a hole lot more apps supported anywhere where…

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add Slack as a connected app.

    Would assist with visibility of user activity on Slack. Other CAS solution already have this integration.

    4 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  9. Policy - Activity Object

    When creating a policy, Cloud App Security does not currently support filtering on object for 'Add mailbox permission' activity.

    Example, user.A added mailbox permission for user.B to be able to access mailbox of user.C. It is possible to filter on activity type and actor (user.A), but not on user.B or user.C.

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  10. Add support for enabling email notifications for system alerts to other users

    Currently, the only way for system alerts to be emailed is for Administrators to subscribe manually to the alerts. I would like to be able to either create a policy to send the alert to another user (Such as for SIEM Agent disconnected) or be able to use a cmdlet to set 'receive email notifications for system alerts' for other users.

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  11. Add Support for Ubiquiti UniFi Security Gateways

    I would love to see support for Ubiquiti UniFi Security Gateway (firewall) products.

    72 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add file filter to show all files "quarantined from" a particular folder.

    Would be great if we could leverage the existing data that is presented in the "Quarantined From" file path to create/add a file filter that would easily filter to all files that were once in that folder but were administratively quarantined. This way, if a user needs me to restore an entire folders worth of files, I could apply that filter and bulk restore all the results since they were all "Quarantined From" the same folder.

    3 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  13. About the health of Cloud App Security

    We are looking for items that can confirm the health of Cloud App Security.
    For example, We think that it is useful if there is an item such as Azure that can check the health if the log is not output or the output is delayed.

    https://azure.microsoft.com/en-us/status/

    2 votes
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Other  ·  Flag idea as inappropriate…  ·  Admin →
  14. Custom Cloud Discovery Dashboard

    I have a customer who requested the capabilities to create a custom dashboard which will be displayed on their security TV's. These dashboards are visible by users outside of IT security, and thus they would like ability to remove the identifiable information (usernames) from being displayed on the dashboard. Being able to set the IP instead of the usernames as default would be sufficient.

    They are concerned that displaying how much traffic a user has generated could be taken out of context by staff.

    As the dashboard already looks like HTML 5 it already has the feel that it can…

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable local time along with UTC

    It would be nice to have an option to set a local time zone rather than just UTC. Although this might not work for global organisations with multiple data sources.
    It would be nice to have for organisations with a single data source.
    This could either be an option in settings or another column displaying local time next to UTC on the discovered app page.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  16. Use correct Whois data

    We just forced one of our users to change their password due to an Impossible Travel Activity alert from Cloud App Security. After this, we discovered that Microsoft provided false location data. The IP address was actually located in Brazil, not Italy. A simple whois search on Domaintools.com confirmed this. If we can't trust the data we're provided, what use is this service?

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  17. Randomize Log Collector password

    When creating a new Log Collector, the username is always "discovery" and the password is always "BP98Jw4Ns*zpTFrH" which happens to match the online documentation. Can a randomized password be created each time instead?

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow for queries based on last accessed date

    Currently can search for files based modified date? Would like the same functionality for last accessed date.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  19. Is there any limitation in number of File Policies...?

    We are using MCAS and configured 50 File Policies till now. Want to create few more policies, but it shows that we have reached maximum Limitations of file policies.

    So want to know if there is any hardlimit for File Policy...?

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide some documentation on the details of what the "Enable File Monitoring" setting does.

    There is no documentation on what the "Enable File Monitoring" setting does. It would be helpful to understand the details of what this setting does.

    1 vote
    Sign in
    (thinking…)
    Sign in with: facebook google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5
  • Don't see your idea?

Feedback and Knowledge Base