With the reality of today’s remote workforce, organizations are feeling the pain of securing devices, user accounts, data, and more. Previously remote users would have to connect to the company VPN to keep them secure with many security appliances scanning for malicious actions. The average enterprise is using around 1,000 apps, most of which are cloud-based with many different vendors.
Micah Heaton Director of Microsoft Security Services and John Wagner Sr. M365 Engineer from BlueVoyant will show you how Microsoft Cloud App Security (MCAS) is designed to take on this problem and then some.
MCAS is a supercharged Cloud App Security Broker with reverse proxy that not only connects the majority of IT resources together, it uses the power of AI & analytics to identify and defend a multitude of threats flowing in and out of the organization. MCAS looks at each transaction from each connection, searching for similarities, policy violations, data theft, malware & vulnerabilities on devices, and then decides if the automated governance actions should be applied for mitigation.
MCAS is not a SIEM, however it can analyze a snapshot or continuous upload of your syslogs from many different devices and cloud vendors to correlate the network telemetry with existing findings to allow the SOC to view a clearer picture of malicious activity in one pane of glass. If you are using any of Microsoft’s Cloud or Security & Compliance services, MCAS is natively integrated which cuts down on implementation time using simple toggle switches in each of the applicable portals.
Reference:https://redmondmag.com/webcasts/2021/02/bluevoyant-february-10.aspx?tc=page0