Introduction
Microsoft Defender for Cloud Apps includes several advanced features that you can use to complete your security protection in a heterogeneous environment.
You're an administrator for Contoso, a large multi-national organization, which is using Microsoft Defender for Cloud Apps to identify and mitigate security risks in its on-premises and cloud infrastructure. Although the security tools have proved effective, you're aware that some potential weaknesses remain. For example, you want to ensure that iOS devices can be protected and you want to be able to respond quickly to new threats.
In this module, you'll learn about advanced features, such as custom indicators of compromise, integration with Microsoft Defender portal, and programmatic access to Defender for Cloud Apps through the Microsoft Defender for Cloud Apps REST API.
Learning objectives
After completing this module, you'll be able to:
- Create a custom indicator of compromise in Microsoft Defender for Cloud Apps.
- Observe security threats detected by Microsoft Defender for Cloud Apps in Microsoft Defender portal.
- Block apps and websites on iOS devices by using Defender for Endpoint and Microsoft Defender for Cloud Apps.
- Ensure that a log collector can communicate with Microsoft Defender for Cloud Apps from behind a proxy server.
- Interact with Microsoft Defender for Cloud Apps by using the REST API.