Microsoft Defender for Cloud Apps Government service description

How to use this service description

The Microsoft Defender for Cloud Apps US Government service description is designed to serve as an overview of the service offerings in the GCC High and Department of Defense (DoD) environments and will cover feature variations from the commercial offering. For more information about Microsoft Defender for Cloud Apps for GCC customers, see EMS for US Microsoft 365 GCC customers.

Note

Defender for Cloud Apps customers who are using GCC should use this URL to log on to the service: https://portal.cloudappsecuritygov.com

Getting started with Microsoft Defender for Cloud Apps for US Government offerings

The Microsoft Defender for Cloud Apps offerings for GCC High and DoD customers are built on the Microsoft Azure Government Cloud and are designed to inter-operate with Microsoft 365 GCC High and DoD environments. Full details on the services and how to use them can be found in the Microsoft Defender for Cloud Apps public documentation. The public documentation should be used as a starting point for deploying and operating the service and the following Service Description details and changes from functionality or features in the GCC High or DoD environments.

To get started, use the Basic Setup page for access to the Microsoft Defender for Cloud Apps GCC High or DoD portals, and ensure your Network requirements are configured. To configure Defender for Cloud Apps to use your own key to encrypt the data it collects while it's at rest, see Encrypt Defender for Cloud Apps data at rest with your own key (BYOK). Follow the additional steps in the How-to guides for other detailed instructions.

Note

Data encryption is currently only available for specific Microsoft Defender for Cloud Apps government offerings.

Feature variations in Microsoft Defender for Cloud Apps US Government offerings

Unless otherwise specified, new feature releases, including preview features, documented in What's new with Microsoft Defender for Cloud Apps, will be available in GCC High and DoD environments within three months of release in the Microsoft Defender for Cloud Apps commercial environment, unless otherwise noted.

Feature support

Microsoft Defender for Cloud Apps for US Government offers parity with the Microsoft Defender for Cloud Apps commercial environment, with the following exceptions:

Feature Name Description GCC GCC High DoD
Microsoft Sentinel integration Sharing alerts and Shadow IT Discovery telemetry with Microsoft Sentinel Roadmap Roadmap Roadmap
Microsoft Defender for Cloud integration Sharing alerts with Microsoft Defender for Cloud Roadmap
Email notifications Admin email notifications for alerts, as well as notifications sent to users when a breach is detected Roadmap Roadmap Roadmap
Microsoft Secure Score integration Surfacing Microsoft Defender for Cloud Apps controls in Microsoft Secure Score Roadmap Roadmap Roadmap

Note

Microsoft Defender for Cloud Apps in GCC is paired with Microsoft Sentinel and Microsoft Defender for Cloud in the Azure Commercial cloud.

Microsoft Defender for Cloud Apps in GCC High / DoD is paired with Microsoft Sentinel and Microsoft Defender for Cloud in the Azure Government cloud.

Next steps

To learn more about Defender for Cloud Apps and explore how to get started see, Defender for Cloud Apps public documentation.