Announcement ID | MC783218 | Published Date | 04-22-2024 | |
Service | cloudappsecurity | Last Updated | 08-15-2024 | |
Category | Plan for change | Expiration Date | 11-11-2024 | |
Roadmap ID | Action Required by Date | |||
Tags | Major update, Admin impact, Retirement, User impact |
Summary |
---|
Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late September 2024. Affected users should switch to "App discovery policy" and set filters as needed. |
More Information |
---|
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024. After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations. When this will happen:We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July). How this will affect your organization:SOC administrators and analysts will no longer be able to access, manage and use "Cloud Discovery anomaly detection policy" alerts in "Microsoft Defender for Cloud Apps", when this change is implemented. What you need to do to prepare:If this policy type is used in your organization and is needed, we recommend using "App discovery policy" and create dedicated policies, under "Trigger a policy match if all the following occur on the same day" set the filters accordingly.
|