Microsoft Defender for Cloud Apps (MCDA) is Microsoft's product offering helping companies to monitor and protect their SaaS app data.
Our integration allows you to fetch discovery data directly from MCDA to uncover SaaS usage across your organisation.
Capabilities
β
SaaS Discovery | Synchronises discovered SaaS apps from Microsoft Defender for Cloud Apps (browser-based apps only) |
β SaaS App Usage | Fetches information about which specific users have used each app, in 7-day intervals |
Prerequisites
A company-wide Microsoft license that includes Defender for Cloud Apps
Defender for Cloud Apps must be configured to receive data from Defender for Endpoint or another supported log collector
Setup Guide
Go to Integration centre and locate the Microsoft Defender for Cloud apps or click here
Click on the authorise button and remember to log in with Admin role in Microsoft so you can grant the needed permissions.
After successfully granting the permissions, the validation section will become green and now you can name your connection. Naming is used for display purposes and easy navigation to the needed connector, so please use a suitable name.
And you are all set!
You can monitor the health of your connector here.
Technical Details
Endpoints
This integration queries the following endpoints:
GET /users
GET /beta/security/dataDiscovery/cloudAppDiscovery/uploadedStreams
GET /beta/security/dataDiscovery/cloudAppDiscovery/uploadedStreams/{streamId}/microsoft.graph.security.aggregatedAppsDetails(period=duration'P90D')
GET /beta/security/dataDiscovery/cloudAppDiscovery/uploadedStreams/{streamId}/microsoft.graph.security.aggregatedAppsDetails(period=duration'P7D')/{appId}/users
Scopes & Permissions
This integrations needs the following permissions:
CloudApp-Discovery.Read.All
User.Read
User.ReadBasic.All
discovery.read
investigation.read
Notes and Remarks
Note that Defender for Cloud apps will provide information to Viio on all Saas applications used in your organisation according to Microsoft and Viio will mark these with the label for source "External Discovery Engine"
The Viio Platform will not do any addtional processing on this data nor will in any way alter it.
Please also note that nor Defender for Cloud apps nor the Viio Browser Extension can cover Desktop applications, in order to track usage on such you will need to install the Viio Desktop Agent.