Cloud App Security

Welcome! You can use this site to give feedback directly to our engineering teams that build the security products you rely on. You can suggest features or design changes, and vote on suggestions others have made. If you would like to further engage our engineering teams, please join our Security Community by visiting https://aka.ms/SecurityCommunity.

To learn more about Microsoft Cloud App Security or try it out, visit the product page.

How can we improve Cloud App Security?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Extra fields displayed in CAS notifications. EG. "Country logged in from" for infrequent country alerts

    We would like better customisation available to us when it comes to the CAS alert emails.

    Using the "Activity from infrequent country" and "Impossible Travel Activity" notifications as an example, it would be good if we could add fields to these emails so that we don't always have to login to check them.
    We have an office in Sri Lanka and an office in Australia, so having people login from either country is common, and we get false positives on these alerts quite regularly. Especially "Impossible Travel Activity" in that situation.

    If "Impossible Travel Activity" email alerts showed the two…

    1 vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
    • Like AWS, you need a service to watch the logs and notify you and/or take corrective action if they fail or degrade as it impacts others

      Like AWS, you need a service to watch the activity logs and notify you and/or take corrective action if they fail or degrade as it impacts so many other services.

      1 vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
      • Cloud App Security DeDup Alerts

        We have created an alert in CAS that alerts us when there is a logon from certain countries as we have found that these tend more than not to be compromised accounts. When creating this alert we chose to have it alert on a single activity. We want to know every single time this happens so we can act upon these and suspend the accounts as quickly as possible.

        The issue that we have run into is that in a very short time we will get tons of alerts from the same user as the malicious actor logs on many…

        8 votes
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
        • False Positive Impersonated user alert

          Whenever a user sends an email with from address of the shared mailbox for which he/she has a "send on behalf" permission for that particularly shared mailbox, then the MCAS alert us this activity as the impersonated user activity.

          This is very confusing and makes it difficult to understand which is the real impersonation and which are not.

          To avoid this, MCAS must be able to identify the user's privileges on different mailboxes in the exchange online and act accordingly.

          1 vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)

            We’ll send you updates on this idea

            0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
          • Ability to provide admin consent for SaaS applications in CAS portal

            I would like to see the ability to provide admin consent for SaaS application directly within the CAS portal. Perhaps just by clicking the accept button a REST call will approve all the needed consent for the application.

            Instead of having to do this...
            https://blog.peterdahl.net/2018/05/14/azure-ad-v2-apps-vs-the-brick-wall/

            /Peter

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)

              We’ll send you updates on this idea

              0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
            • Add Cloud App Security Admin Portal to AAD Conditional Access list of available Applications

              Add Cloud App Security Admin Portal to AAD Conditional Access list of available Applications

              2 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)

                We’ll send you updates on this idea

                1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
              • Hard limit to export only 5000 records under activity log is killing CAS..Can you remove the limitation?

                We have a problem, CAS was able to fetch the logs based on the filter we had we had a policy created with the condition/filter we have). But the Hard limit to export only 5000 records under activity log did not help us. Can you remove the limitation?

                CAS could have solved a major security problem in our environment if there wasn't a limit to export logs. To be honest, End of the day it was just useless...again just because of the limitation.

                5 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                • Need to be able to alert on creation of hidden rules in Exchange

                  There is currently a way to alert on the creation of new rules in O365/Exchange, but if a hidden rule is created by a malicious individual, those types of instances are not picked up by any rules/policies available. Please enable the ability to find these types of events within the logs and alert on them.

                  3 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    2 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                  • Support specific protections for Yammer posts

                    MCAS should offer specific monitoring, alerting, and control for Yammer posts.

                    1 vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
                    • Suppress / Acknowledge Alerts

                      We get frequent notifications for travel to infrequent country alerts, but there doesn't seem to be any way to suppress these alerts. It would be nice to be able to tag the user for "legitimate travel" and suppress the alert until after their trip / PTO was scheduled to end. what would be even better would be if CAS could query the user's Exchange calendar and see if an existing OOF reply was set and alert perhaps as informational instead of a warning. It seems like a lot of the information to figure this out more intelligently is already there,…

                      8 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        1 comment  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →

                        Hi Dustin,

                        Thanks for the feedback.
                        We are looking into different options to gather more information and to intelligently determine if the user is currently “Working normally”, “Working limitedly” when the user is on a business trip for example, “on vacation”, etc.

                        Let us know if you have additional idea or thoughts around this topic.

                        We will keep you updated.

                      • Add Support for Ubiquiti UniFi Security Gateways

                        I would love to see support for Ubiquiti UniFi Security Gateway (firewall) products.

                        16 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          1 comment  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
                        • Support PII detection for all major languages

                          Currently, the support for PII detection is limited to too few languages.

                          4 votes
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                          • Please enable us to have a less than query option when creating a cloud app policy. Currently we can only match using the more than operator

                            Please enable us to have a less than query option when creating a cloud app policy. Currently we can only match using the more than operator

                            1 vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                            • implement the ability for MCAS to act as a forward filtering web proxy to control web access for end users

                              implement the ability for MCAS to act as a forward web proxy so it can deploy category based filtering, DLP and such. You would eat into zscaler and forcepoint territory and it would be a big win for orgs wanting to do zero trust networks

                              4 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                              • Proxy Azure administration

                                Support the proxying of Azure administration, so, for example, an admin could be prevented from deleting a particular VM.

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
                                • Support a public API or SDK

                                  This would make it easier to allow additional apps to be connected.

                                  2 votes
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                                  • Allow users to restrict uploads

                                    I'd like the capability to restrict uploads. This should be enforced by the forward proxy to prevent uploads to unsanctioned SaaS apps.

                                    2 votes
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Allow CAS Data Feed into Azure Security Center

                                      We are in the gov and commercial space, so it would be helpful to have a hook from CAS to Azure Security Center.

                                      3 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
                                      • Support OAuth2 Azure AD apps for Proxy

                                        As of now only SAML Azure AD apps are supported, however OAuth 2.0 apps should also be supported.They are heavily used and more modern auth/sso.

                                        2 votes
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          0 comments  ·  I am a partner  ·  Flag idea as inappropriate…  ·  Admin →
                                        • 3 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  I am a customer  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3
                                          • Don't see your idea?

                                          Feedback and Knowledge Base