Changes to Cloud App Catalog and Risk score calculation

Originally posted by Microsoft Nov 15, 2022 Microsoft 365 suite 0 Comments

Microsoft Defender for Cloud Apps are making some changes to the Cloud App Catalog as part of improving the scoring of Apps.

1) As part of the changes, the following non-relevant/redundant indicators are being removed from the catalog:

  • Consumer Popularity Index
  • Safe Harbor
  • Jericho Forum Commandments
  • Heartbleed patched
  • Protected against DROWN

2) The following indicators are being removed from the score calculation; however, they will continue to be presented in the catalog for information and will also continue to be available in Filters.

  • Founded
  • Holding
  • Domain Registration
  • FedRAMP level
  • FISMA

3) Indicator “Disaster Recovery Plan” is being moved from “General” to “Security” section

4) Indicator “SSAE 16” is being replaced with “SSAE 18”.

When this will happen:

Standard Release: We will begin rolling out mid-Dec 2022 and expect to complete it by late Dec 2022.

How this will affect your organization:

Due to the above changes, the risk score of some applications might change and new alerts might trigger if customers have created discovery policies based on total score of apps or removed indicators. Also, any existing policies that were created based on the removed indicators will also be removed

What you need to do to prepare:

Therefore, please review your existing discovery policies and modify them or create new policies as needed.

Message ID: MC467232

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: