Microsoft Cloud App Security

A uniquely integrated Cloud Access Security Broker

Microsoft Cloud App Security
Powered by native integrations with industry-leading security and identity
solutions including Azure Active Directory, Intune, and Azure Information
Protection – gain visibility into all your cloud apps and services leveraging
sophisticated analytics to identify and combat cyberthreats. Control how
your data is consumed, no matter where it lives.
Concur
Slack Github
Dropbox Workday ServiceNow
AWS Box Office 365 Egnyte
Endpoint Detection
& Response Threat Signal Workviva DocuSign Cornerstone On Demand
Clustering Workplace by Facebook OktaTableau HighQ
Jira G-Suite Azure Salesforce
Corporate HQ

Identity & Access

Management L
Microsoft Security Analytics
A uniquely
A uniquely orem
Public / Home Wi-Fi Cloud App integrated
integrated
CASB
& Guidance
16,000+
Security CASB Cloud apps in our app catalog

Data Loss
External Users Prevention Cloud Security
Posture Management
70+
Risk factors evaluated for each app
Unified Endpoint
Unmanaged Devices Management

Shadow IT Information Threat Compliance

Discovery
Identify and manage the cloud apps used
by your organization – in and beyond the
corporate network.
Protection
Understand, classify and protect sensitive
information when it travels in- and outside of
your organization with automated processes
and real-time controls.
Protection
Detect unusual behavior across your cloud
apps to identify ransomware, compromised
users or rogue applications, analyze high-risk
usage and remediate automatically to limit
the risk to your organization.
Assessment
Assess the compliance of your organization’s
apps against regulatory requirements such as
GDPR, industry and legal standards and
common security controls.
 Shadow IT Discover
Discover the
the cloud
cloud apps
apps used
used Assess
Assess risk
risk and
and business
business readiness
readiness Govern
Govern discovered
discovered apps
apps by
by
in
in your
your organization.
organization. of
of your
your apps
apps against
against >70
>70 risk
risk sanctioning,
sanctioning, onboarding
onboarding them
them
Discovery factors
factors including
including regulatory
regulatory and
and app to Azure
to Azure AD orAD or blocking
blocking them
industry
industry standards.
standards. them on network.
on your your network.

Discovery
Discovery of
of apps
apps
Get
Get granular
granular details
details Out
Out of
of the
the box
box alerts
alerts
about
about the
the usage
usage of
of each
each
discovered
discovered cloud
cloud app
app in
in Get
Get notified
notified when
when new
new risky
risky Executive
Executive reporting
reporting
or
or high
high volume
volume apps
apps are
Discover
Discover and
and control
control use
use of
of Shadow
Shadow IT
IT your
your organization
dive
organization and
dive deep
deep into
into app
app
and
discovered
discovered soso you
are
you can
can
High
High level
level overview
overview of of
evaluate key
key findings
findings and
and
categories,
categories, IP
IP addresses,
addresses, evaluate and
and govern
govern
their recommendations
recommendations on on how
how
users
users and
and machines.
machines. their usage.
usage.
On
On average
average more
more than
than 1,100
1,100 cloud
cloud applications
applications are
are used
used by by to
to improve
improve visibility
visibility into,
into,
enterprises and
and control
control over,
over, Shadow
Shadow
enterprises today,
today, of
of which
which 61%
61% areare not
not sanctioned
sanctioned by
by IT.
IT. This
This
IT
IT in
in your
your organization.
organization.
results
results in
in duplicate
duplicate capabilities,
capabilities, apps
apps not
not meeting
meeting compliance
compliance
standards
standards oror posing
posing aa security
security risk
risk to
to the
the organization
organization without
without anyany
IT
IT oversight.
oversight.

Discovery
Discovery identifies
identifies current
current cloud
cloud apps,
apps, provides
provides risk
risk assessments
assessments
and
and ongoing
ongoing analytics
analytics and
and lifecycle
lifecycle management
management capabilities
capabilities to
to
control
control the
the use.
use.

Seamless
Seamless integrations
integrations to
to enhance
enhance and
and customize
customize Discovery
Discovery
Windows
Windows Defender
Defender ATP
ATP Azure
Azure Active
Active Directory
Directory Leading
Leading SWG
SWG providers
providers
The
The agent
agent extends
extends Discovery
Discovery Easily
Easily onboard
onboard discovered
discovered Secure
Secure Web
Web Gateway
Gateway
beyond
beyond your
your organization’s
organization’s apps
apps toto Azure
Azure Active
Active integrations
integrations allow
allow
network
network and
and enables
enables Directory
Directory (AAD)
(AAD) to
to enable
enable inline
inline app
app Discovery
Discovery
machine-based
machine-based Discovery
Discovery managed
managed authentication
authentication and
and the
the enforcement
enforcement
regardless
regardless of
of the
the access
access point.
point. and
and SSO
SSO.. of
of governance
governance actions.
actions.
 Information
Information Identify
Identify information
information atat risk
risk of
of Classify,
Classify, label
label and
and protect
protect Control
Control and
and monitor
monitor user
user sessions
sessions in
in
exposure
exposureand
andremediate
remediateimmediately
immediately sensitive
sensitive information
information when
when itit real-time
real-time to
to prevent
prevent data
data exfiltration
exfiltration
Protection
Protection with
with admin
admin controls
controls including
including isisstored
storedin
inorornewly
newlyuploaded
uploaded in
inlow-trust
low-trustscenarios,
scenarios,such
suchas
assessions
sessions
quarantine,
quarantine, revoking
revoking privileges
privileges or
or to
tocloud
cloudapps.
apps. from
fromexternal
externalusers.
users.
notifying
notifyingthe
theowner.
owner.

Control
Controluser
usersessions
sessions
in
inreal-time
real-time
Automatic
Automaticlabeling
labeling
Monitor
Monitorand
andcontrol
controlrisky
risky
Automated
Automatedgovernance
governance When
Whensensitive
sensitivefiles
filesare
are user
usersessions
sessionsininreal-
real-time
time Protect
Protect your
your data
data when
when itit travels
travels
When
Whenpolicy
policyviolations
violations
detected,
detected,AIP
AIPlabels
automatically
automaticallybe
labelswill
will
beapplied
applied
and
andprevent
preventdata
dataexfiltration.
exfiltration. outside
outside of
of your
your organization
organization
occur,
occur,automatic
automaticgovernance
governance across
acrossyour
yourcloud
cloudapps.
apps.
actions
actionslike
likequarantining
quarantining To
To maximize
maximize thethe impact
impact of
of information,
information, itit needs
needs to to be
be
files
filesor
orrevoking
revokingpermissions
permissions ubiquitous
ubiquitous to
to help
help people
people and
and businesses
businesses succeed.
succeed. With
With
are
areapplied.
applied.
data
data being
being on
on the
the move,
move, the
the risk
risk for
for exposure
exposure increases,
increases, as
as
sensitive
sensitive data
data isis overshared
overshared inside
inside or or even
even outside
outside ofof
the
theorganization.
organization.
44
Microsoft
Microsoft Cloud
Cloud App
App Security
Security enables
enables you
you to
to identify
identify your
your
sensitive
sensitive data
data across
across cloud
cloud apps,
apps, monitor
monitor when
when itit isis shared
shared
with
with risky
risky environments
environments and and take
take necessary
necessary governance
governance
actions
actions by
by classifying,
classifying, labeling
labeling and
and protecting
protecting existing
existing andand
new
newdata
dataininyour
yourenvironment.
environment.

Native
Nativeintegrations
integrationspowering
poweringaaunique
uniqueinformation
informationprotection
protectionapproach
approach

Microsoft
MicrosoftInformation
Information Conditional
ConditionalAccess
Access Intune
Intune
Protection
Protection Automated
Automatedaccess
accesscontrol
controlfor
for Managing
Managingmobile
mobile
Comprehensive
Comprehensiveprotection
protectionof of accessing
accessingcloud
cloudapps,
apps,based
basedon on productivity
productivitysecurely
securelyand
and
sensitive
sensitivedata
datathroughout
throughoutits itslifecycle
lifecycle conditions
conditionsyouyoudefine.
define.MCAS
MCAS ininaaunified
unifiedway.
way.Leveraged
Leveraged
across
acrossdevices,
devices,apps,
apps,cloud
cloudservices
services extends
extendsthese
thesecontrols
controlsinto
intothe
the totodifferentiate
differentiatemanaged
managed
and
andon-premises.
on-premises.Integrated
Integratedwith
with user’s
user’ssession
sessiontotoallow
allowfor
for from
fromunmanaged
unmanageddevices
devices
Cloud
CloudApp
AppSecurity
Securityto toextend
extendthe the real-time
real-timemonitoring
monitoringand andgranular
granular and
andapply
applynecessary
necessary
capabilities
capabilitiesto
toall
allyour
yourcloud
cloudapps.
apps. control
controlofofany
anyapp
appwith
withMCAS.
MCAS. session
sessioncontrols.
controls.
 Threat Detect insider threats and compromised Identify and mitigate malware Be alerted when rouge applications
accounts with sophisticated end user activities, including ransomware or overprivileged O-auth apps access
Protection behavioral analytics (UEBA). and other advanced cyberattacks. your data and configure automatic
remediation.

Session investigation
Understand the context of
multiple activities of a user
across various apps, to detect
Protect against cyberthreats and anomalies patterns and identify
compromised accounts.
Moving to the cloud presents a new threat vector for organizations.
Attacks can introduce ransomware, compromised user accounts
perform malicious activities, and overprivileged O-auth apps can
gain access to sensitive data or privileged accounts.
Dive into the details
Investigate the individual
files and locations that are
affected with additional
details about IP address,
location, the machine
and more.
Remediation
Apply governance
actions, such a
requiring users to sign
in again or suspending
the user account, when
suspicious activities are
identified.

Accelerate the safe adoption of cloud apps and limit the impact to
your organization by leveraging sophisticated behavioral analytics,
built-in detections and automatic remediation capabilities,
informed by one of the industry’s largest set of threat signals.

Advanced Threat Intelligence - enabling sophisticated detections

Detections

Intelligent Security Graph Secure Score Azure Security Center

A platform powering Microsoft
security products and services by
using advanced analytics to link threat
intelligence and security signals.
Microsoft operates global services at a
massive scale with billions of security
signals that MCAS leverages to power
its Threat Detection.
Visibility into your Microsoft
security position and provides an
overview of which security features
are available to reduce risk. MCAS
feeds into the overall scoring and
helps you protect your
environment of cloud apps.
Enables Security posture
management and threat
protection for hybrid cloud
workloads to ensure secure
configuration of all your
resources. Integrated and
surfaced within MCAS.
 Compliance
Compliance Assess
Assessififyour
yourcloud
cloudapps
appsmeet
meetyour
your Validate
ValidateGDPR
GDPRand
andother
other Protect
Protect sensitive
sensitive data
data when
when itit isis
industry’s
industry’scompliance
compliancerequirements.
requirements. regulatory
regulatorycompliance.
compliance. uploaded
uploadedtotothe
thecloud
cloudororshared
sharedin-
in-
Assessment
Assessment and
andoutside
outsideofofyour
yourorganization.
organization.

Learn more about Microsoft Cloud App Security

aka.ms/mcas Microsoft Cloud App Security
A uniquely integrated Cloud Access Security Broker
Technical documentation
aka.ms/mcastech

Asses
Assess
the
the
compliance
compliance
ofof
your
your
cloud
cloud
apps
apps
GetEvaluate
aEvaluate
free your
90-day
yourappsappstrial Most
Mostorganizations
organizationsmust
mustcomply
complywith
witha aset
setofofregulations,
regulations,governed
governedbybythe
the
industry
industryand
andcountry
countrythey
theyoperate
operatein.in.These
Thesedictate
dictatehow
howorganizations
organizationsmust
must
aka.ms/mcastrial
Leverage
Leverage>70
>70factors
factorsspanning
spanningsecurity
securitystandards,
standards,compliance
complianceand
andlegal.
legal.
manage,
manage,view,
view,and
andcontrol
controltheir
theirdata.
data.

Microsoft
MicrosoftCloud
CloudApp
AppSecurity
Securitysources
sourcesfrom
froma acatalog
catalogofofmore
morethan
than16,000
16,000cloud
cloud
apps
appstotodiscover
discoverthe
theapps
appsused
usedininyour
yourenvironment
environmentandandleverages
leverages>70>70different
different
Questions? Connect with us on Tech Community! parameters
parameterstotoassign
assigna arisk
riskscore
scoretotoeach
eachone.
one.These
Theserisk
riskfactors
factorsspan
spangeneral
general
information,
information,security,
security,compliance
complianceand andlegal,
legal,and
andenable
enableyou youtotoassess
assesswhether
whether
aka.ms/mcascommunity any
anygiven
givenappappmeets
meetsthe thecompliance
compliancerequirements
requirementsforforyour
yourorganization.
organization.
33 55
22 Powerful,
Powerful,built-in
built-inqueries
queriesallow
allowyou
youtotofilter
filterfor
forspecific
specificrequirements
requirementssuch
suchasas
44 GDPR
GDPRororFedRAMP,
FedRAMP,tototailor
tailorthe
thediscovery
discoveryexperience
experiencetotoyour
yourspecific
specificneeds.
needs.

11 Get
Getstarted
startedon
onyour
yourcompliance
compliancejourney
journey

11 22 33
Discover
Discoveryour
yourcloud
cloudapps
apps Assess
Assesstheir
theircompliance
compliance Control
Controlsensitive
sensitivedata
data
Get
Getstarted
startedwith
withdiscovery
discoverytoto Leverage
Leveragemoremorethan
than7070risk
risk Create
Createlabels
labelsand
andfile
filepolicies
policies
understand
understandwhich
whichcloud
cloudapps
appsare
are factors
factorstotounderstand
understandwhether
whether totoidentify
identifyand
andautomatically
automatically
being
beingused
usedininyour
yourorganization.
organization. the
thediscovered
discoveredcloud
cloudapps
appsmeet
meet protect
protectsensitive
sensitiveinformation
information
your
yourorganization’s
organization’srequirements.
requirements. across
acrossyour
yourecosystem
ecosystemofof
cloud
cloudapps.
apps.
Learn more about Microsoft Cloud App Security
aka.ms/mcas

Technical documentation
aka.ms/mcastech

Get a free 90-day trial

aka.ms/mcastrial

Questions? Connect with us on Tech Community!

aka.ms/mcascommunity