Cloud App Security

Welcome! You can use this site to give feedback directly to our engineering teams that build the security products you rely on. You can suggest features or design changes, and vote on suggestions others have made. If you would like to further engage our engineering teams, please join our Security Community by visiting https://aka.ms/SecurityCommunity.

To learn more about Microsoft Cloud App Security or try it out, visit the product page.

  1. Extended File Metadata Support

    Cloud App security does not currently support the extended file metadata that is saved to a file when it is stored on a SharePoint Online document library. This would be hugely beneficial with applying File policies to existing SharePoint libraries that make use of custom selection properties for files.

    30 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  2. Modify a specification of impersonated activity detection.

    As for impersonated activity detection on Cloud App Security, there is one strange operation as follows.

    1. When a team is created on Microsoft Teams, Office 365 Groups with mailbox and email address are generated automatically.
    2. If a general user posts something on its team, the posting will be saved in the Office 365 Groups mailbox with the Office 365 Groups email address.
    3. It is the user who posted. On the other hand, it is the Office 365 Groups email address that saved the post in the mailbox. Therefore, it is detected as an impersonated activity and an…

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  3. Ability to use variables in notification messages

    It would be nice to be able to use variables in notification messages to make them a bit more meaning full e.g.

    Hi %Owner%,
    Contoso has detected you have saved the file %file name%, this file contains sensitive personal information to %app%.

    The following actions have been taken to protect this information

    - File has been made private
    - Any shares with users external to GA have been removed.

    Regards
    Contoso

    This would offer users more meaningful messages and could reduce the amount of policies required as One policy could be used for multiple apps.
    The other option would be…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  4. I want to search the activity log that contains a specific string in the file name.

    I want to search the activity log that contains a specific string in the file name.
    For example, you want to search for activities that contain "secret" in the file name, and list the most recently accessed activities of highly sensitive files.
    The current scheme only allows forward, backward, and exact matches of filenames.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add MCAS reporting to PowerBI

    Management needs to be informed about the effects, results and actions taken via MCAS during the past month. Please add a reporting template to support this governance process.
    In addition, it would be nice to have this available as a content pack for PowerBI.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  6. Activity Policy - Ability to Filter Location by City and/or State

    For activity policies, we would like to see the ability to filter by location using city and/or state metadata; not just by country. For example, when scanning for all US based activities (actions/logins), we receive alerts all US based ISP's. I can utilize categories or tags to create lists of known trusted corporate IP addresses, but when employees log in from home, hot spots, airports, etc.…we end up with 1000’s of potential false positives. If I could filter based on city, that would help eliminate triggering governance for 1000’s of false positives. For now, I am stuck only looking for…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  7. Protect old format office and non-Office files

    Currently, it is possible to label Office files by using MCAS. but old format office and non- office files can not be labeled and protected.
    We'd like to label or protect any files by using MCAS.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am an employee of Microsoft  ·  Flag idea as inappropriate…  ·  Admin →
  8. Retain original owner information of files after it is quarantined or restored

    When a file is quarantined or restored, it would be helpful to retain the original owner of the files. This way we can search for all files in quarantine that were owned by a particular user and restore them without having to search for each file individually. Currently all files that get quarantined/restored have the owner set to app@sharepoint.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  9. Integrate with Azure AD Identity Protection (risk score)

    Allow policies to use risk based conditional access score from Azure AD Identity Protection to configure session controls (e.g. prevent download at high risk)

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  10. show deviceID in activity logd

    when going through logs or any alert there is no way to determine what device was used when the alert was triggered.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  11. App Connector for Github

    As you now "own" github - you need to provide app connector.

    I'm getting bored of meetings where we find Dev's have added keys to a repo and not a vault!
    DLP integration

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  12. Improvements to cloud app security

    cloud app security has the potential to be a great app but currently it's lacking.

    Alerting - this tool should notify of issues

    Connector control - the app connectors are unconfigurable which is crazy you should be able to adjust API calls or delete connectors

    False positives - you should be able to mark a behaviour as a false positive like in the case of box it views in line edits as downloads

    Log collectors - I couldn't even get this working with the Sophos XG

    Apps - there needs to be a hole lot more apps supported anywhere where…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  13. Improvements to logs pulled from Okta App connector

    i can see Okta App connector is able to pull login events from okta but it is lacking granular details for events such as :

    1) Multi-factor authentication success event on Cloud App security Activity log page is lacking what actual second factor was used as MFA (such as SMS, Security Question,Okta Verify app)

    In fact, I could see details of second factor under raw data on CAS but it is not visible on front.

    app connector, is it pulling Okta System logs?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  14. SAP Application like Sucessfactor integration

    App connector for SAP Application like Sucessfactor integration to pull Sucessfactor logs and compliance

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  15. Add file filter to show all files "quarantined from" a particular folder.

    Would be great if we could leverage the existing data that is presented in the "Quarantined From" file path to create/add a file filter that would easily filter to all files that were once in that folder but were administratively quarantined. This way, if a user needs me to restore an entire folders worth of files, I could apply that filter and bulk restore all the results since they were all "Quarantined From" the same folder.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  16. Add MDM Intune App connector on connected apps

    please add connector for device management Intune app to integrate MDM intune logs on Cloud app security.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  17. Add Support for Ubiquiti UniFi Security Gateways

    I would love to see support for Ubiquiti UniFi Security Gateway (firewall) products.

    81 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add Slack as a connected app.

    Would assist with visibility of user activity on Slack. Other CAS solution already have this integration.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
  19. Expor investigation priority of all users

    Thanks for adding new user parameter about "investigation priority".
    We would like to view this parameter at list of all users.
    Currently, We can confirm the parameter with top of 5 users on MCAS Dashboard. But We can not confirm it with all users.
    If we can export "investigation priority" of all users, it is very useful.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am an employee of Microsoft  ·  Flag idea as inappropriate…  ·  Admin →
  20. SIEM agent filter by User Group not just user

    SIEM agent needs to support Alerts Matching filter using "User groups" - restriction on individual user is not viable.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 6
  • Don't see your idea?

Feedback and Knowledge Base