Does anyone use Microsoft Cloud App Security (MCAS)?

E Double U

My organization is interested in exploring the built-in DLP features of MCAS, but it is new to us. I am curious to hear of other's experience with this solution. The product may not be as mature as the Symantec solution, but we are trying to go cloud native whenever possible. 

Acenl12

Yes, but I'm also a consultant who implements it for customers. Defender for Cloud Apps can detect for example when someone deletes a lot of documents from a SharePoint online site, it can also integrate with Sentinel. Or when someone uploads a highly sensitive document to his personal hotmail or gmail. It has quite some built in rules and machine learning which analyzes the activiies of a user and alerts when he/she does something unusual or suspicious. Microsoft Defender for Cloud apps is a primary component of a Zero Trust strategy and your XDR deployment with Microsoft 365 Defender. If you have any more questions feel free to ask. I always recommend to first start with implementing a proper information protection setup, where the senstivity labes and DLP policies are implemented by or with the business, and that sensitive information/data is classified, and then enable Defender for Cloud Apps. If you use Microsoft Sentinel, I also recommend to integrate Defender for Cloud Apps, to have the alerts/incidents in one place.