Changes to Cloud App Catalog and Risk score calculation
Microsoft Defender for Cloud Apps are making some changes to the Cloud App Catalog as part of improving the scoring of Apps.
1) As part of the changes, the following non-relevant/redundant indicators are being removed from the catalog:
- Consumer Popularity Index
- Safe Harbor
- Jericho Forum Commandments
- Heartbleed patched
- Protected against DROWN
2) The following indicators are being removed from the score calculation; however, they will continue to be presented in the catalog for information and will also continue to be available in Filters.
- Founded
- Holding
- Domain Registration
- FedRAMP level
- FISMA
3) Indicator “Disaster Recovery Plan” is being moved from “General” to “Security” section
4) Indicator “SSAE 16” is being replaced with “SSAE 18”.
When this will happen:
Standard Release: We will begin rolling out mid-Dec 2022 and expect to complete it by late Dec 2022.
How this will affect your organization:
Due to the above changes, the risk score of some applications might change and new alerts might trigger if customers have created discovery policies based on total score of apps or removed indicators. Also, any existing policies that were created based on the removed indicators will also be removed
What you need to do to prepare:
Therefore, please review your existing discovery policies and modify them or create new policies as needed.
Message ID: MC467232
No comments yet