Great video. What you will learn: What is Defender for Cloud App > How to get started > Use cases for conversations with your IT Sec team > Potential examples to automate Great flow to help you get started
All your Video's are great, simple for a beginner and get exited like about the whole M365, Intune, Defender, CAS MS products. Keep looking for more such videos, I almost viewed all your videos in couple of days.
Thanks Matt. Great Video and kind of impacting way of centralizing security controls for the environment. Definitely something that I look into deeper.
great video!! also, if this is for teaching.. can you please use the acronyms for things that are not so know and then say it out. like example. SIEM - security information and even management. some acronyms are not well known to noobs. thx
Thanks for a very informative video. One question I had, firewall logs doesn't have usernames, in this case can we do Active Directory integration to retrieve usernames querying AD against discovered IP's ? Also if an enterprise is sending usernames to MCAS via internet are we encrypting them before storing ?
so when MCAS scans files stored within a cloud app storage, what governs the extent to which MCAS can see? Presumably a scan can't just trawl all of Box for example. Is it limited to storage allocated to corporate Box accounts?
MCAS working with PAN and in a lose way with IronPort is very powerful stuff. Is MCAS an API based solution? I see that it works with ATP which looks very powerful. This is a cool example of MCAS! Do you have anything that explains the caveats for what else needs to be done to enable MCAS? Thanks you!
Indeed great presentation & demonstration Matt. Thanks a lot. Anyway you can share the presentation deck with us? I would like to us it of course with your permission. :) Thanks in advance.
This was very helpful. I'm curious... What tool did you use to present your content on the left side and the CASB options on the right? Going back and forth, zooming in/out. Thank you for sharing!
Hi - While publishing 3rd party apps via MCAS, how to restrict direct access. Say FB eg. in the video; what if BYOD user doesn't opt to go via reverse proxy URL and goes directly to FB?
So CASB can locate cloud apps users signed into them via their AAD creds. What if they use their own personal email address to Dropbox but are still using the app for business use. Will CASB still be able to detect?
It actually doesn’t use AAD at all to discover. It uses firewall logs or logs from defender for endpoint to discover saas apps - regardless if it’s personal or business version of the app
Hi Matt! Just came across your channel and I am thinking of going down this route as a career path, I’m taking MD 100,101 & Ms 500 365 security…. Would adding this into long term view be a good fit? any advice would be amazing… thanks for your content 🙂
Great video. What you will learn: What is Defender for Cloud App > How to get started > Use cases for conversations with your IT Sec team > Potential examples to automate
Great flow to help you get started
All your Video's are great, simple for a beginner and get exited like about the whole M365, Intune, Defender, CAS MS products.
Keep looking for more such videos, I almost viewed all your videos in couple of days.
That means a lot, thank you so much.
Microsoft CASB is by far the market leader!
Hi Matt, awesome presentation. You also have to commit the changes on the PA firewall ;)
Best 41:09 minutes I have spent in a long time
Thank you, that means a lot.
Just What I wanted. Thanks.
Thanks Matt. Great Video and kind of impacting way of centralizing security controls for the environment. Definitely something that I look into deeper.
Hi Matt,
Great video as always.Can you do App governance video as well, including how to sanction and inspection apps, best practice, etc.
Thanks.
Thanks, Matt, we want more
Great video Matt, presentation and content are best in class!
Great video, thanks for producing it!
great video!! also, if this is for teaching.. can you please use the acronyms for things that are not so know and then say it out. like example. SIEM - security information and even management. some acronyms are not well known to noobs. thx
Really appreciate the feedback, will def make that change!
Thanks Matt, found this really useful. Easy to follow and bite sized.
Is it only on palo alto firewalls that you can automate setting up rules?
Hey Matt, awesome content, thank you! I am thinking of taking this route as a career path, any advice regarding what courses to take for beginners?
03 5.59 DIscovering and Assessing the Risk of Shadow IT
05 20:37 Threat Detection
06 28.35 Threat protection in the cloud
Thanks for a very informative video. One question I had, firewall logs doesn't have usernames, in this case can we do Active Directory integration to retrieve usernames querying AD against discovered IP's ? Also if an enterprise is sending usernames to MCAS via internet are we encrypting them before storing ?
You are the rockstar! Thanks for producing
This is an awesome video! Thanks for sharing Matt!
so when MCAS scans files stored within a cloud app storage, what governs the extent to which MCAS can see? Presumably a scan can't just trawl all of Box for example. Is it limited to storage allocated to corporate Box accounts?
MCAS working with PAN and in a lose way with IronPort is very powerful stuff. Is MCAS an API based solution? I see that it works with ATP which looks very powerful. This is a cool example of MCAS! Do you have anything that explains the caveats for what else needs to be done to enable MCAS? Thanks you!
Indeed great presentation & demonstration Matt. Thanks a lot. Anyway you can share the presentation deck with us? I would like to us it of course with your permission. :) Thanks in advance.
This was very helpful. I'm curious... What tool did you use to present your content on the left side and the CASB options on the right? Going back and forth, zooming in/out. Thank you for sharing!
PowerPoint :)
Is there a place where we can find this slidedeck to show potential clients?
Thanks Matt!
Hi - While publishing 3rd party apps via MCAS, how to restrict direct access. Say FB eg. in the video; what if BYOD user doesn't opt to go via reverse proxy URL and goes directly to FB?
Awesome Video Matt.. Cheers 👍👍
Great information, thanks Matt!
So CASB can locate cloud apps users signed into them via their AAD creds. What if they use their own personal email address to Dropbox but are still using the app for business use. Will CASB still be able to detect?
It actually doesn’t use AAD at all to discover. It uses firewall logs or logs from defender for endpoint to discover saas apps - regardless if it’s personal or business version of the app
@@MattSoseman thanks so much for clarifying!
Lovely but what about do deep dive series for MCAS/ATP/AIP/Defender
Check out the playlists on this channel. I have many deep dives on these products.
Is the MC CAS upload method via Microsoft Defender ATP also working for non windows clients (e.g. Mac)?
Only Win10 at this time. For Mac you would need firewall or proxy logs.
this is amazing thank you
Hi Matt! Just came across your channel and I am thinking of going down this route as a career path, I’m taking MD 100,101 & Ms 500 365 security…. Would adding this into long term view be a good fit? any advice would be amazing… thanks for your content 🙂
For security I would look at ms500,az500,sc900,sc300,sc200,sc400
@@MattSoseman Hi Matt, thanks for the recommendations... i will take this on-board and add this to my career scope... thanks again :-)
How do you pipe the data to powerBI?
www.aka.ms/rsa2019mcas
Adding on Matt's comment, you route the data to powerBI via Azure Sentinel:
docs.microsoft.com/en-us/cloud-app-security/siem-sentinel
Wow, no reason to have Digital Guardian or Any other DLP solution this is amazing. Great things with your EDR and Sentinel One build-in...
Just wait, in June I’ll be releasing about 20-30. Videos on MCAS - this and MDATP are by far my favorite products!
could you please share this PPT with me
Subbed.