Changes to Cloud App Catalog and Risk score calculation
Microsoft Defender for Cloud Apps is implementing changes to the Cloud App Catalog to improve the scoring of apps. The changes involve the removal of non-relevant/redundant indicators such as Consumer Popularity Index, Safe Harbor, Jericho Forum Commandments, Heartbleed patches, and protection against DROWN. Some indicators, like Founded Holding Domain Registration and FedRAMP level FISMA, will also be removed from the score calculation but will continue to be available in Filters and presented in the catalog for information purposes. The Disaster Recovery Plan indicator will be moved from the General section to the Security section, while the SSAE 16 indicator will be replaced by SSAE 18.
These changes will be implemented in mid-Dec 2022 and might affect the risk score of some applications and trigger new alerts. Existing discovery policies created based on the total score of apps or the removed indicators might also be affected. Organizations are advised to review their existing discovery policies, modify or create new policies as needed to prepare for these changes.
Message ID: MC467232
The post Changes to Cloud App Catalog and Risk score calculation appeared first on M365 Admin.
Published on:
Learn more
Related posts
Microsoft Purview compliance portal: Insider Risk Management – Enriching Insider risk management with Communication compliance as an indicator
Microsoft Purview compliance portal is expanding its capabilities to better manage insider risks by utilizing communication compliance policy ...
Microsoft Purview compliance portal: Communication Compliance – Enriching Insider risk management with Communication compliance as an indicator
Microsoft has unveiled the latest addition to its Purview compliance portal, the Communication Compliance feature. This new feature enhances I...
Microsoft Purview compliance portal: Insider Risk Management – Recommended thresholds in policy wizard
Microsoft has introduced a new feature to enable tailored recommended thresholds for all built-in indicators within the policy wizard for admi...
Microsoft Purview compliance portal: Insider Risk Management – Analytics email digest
Microsoft Purview Insider Risk Management is an essential tool for admins who need to identify insider risks within their organization. The sy...
Microsoft Purview compliance portal: Insider Risk Management – Sequence and anomaly detection in insider risk analytics
Microsoft has announced an update to the Purview Insider Risk Management platform, which helps identify potential insider risks by correlating...
Microsoft Purview | Compliance Manager: Microsoft Defender for Cloud (MDC) integration
Microsoft Purview's Compliance Manager has integrated with Microsoft Defender for Cloud, enabling customers to assess their compliance posture...
Microsoft Purview compliance portal: Insider Risk Management – Policy customization from alert review experience
Microsoft Purview Insider Risk Management has introduced a new feature that enables admins to customize Insider Risk Management policies and a...
Microsoft Purview compliance portal: Insider Risk Management – Deduplication of signals
Microsoft Purview Insider Risk Management has introduced an update that addresses noisy alerts due to duplicate signals generated by a single ...
Changes to Cloud App Catalog and Risk score calculation
Microsoft Defender for Cloud Apps is making some changes to improve the scoring of apps in the Cloud App Catalog, which will affect organizati...