Microsoft Cloud App Security 的過去版本封存Past-release archive of Microsoft Cloud App Security

Applies to: Microsoft Cloud App Security


Threat protection product names from Microsoft are changing. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.

本文為描述 Cloud App Security 過去版本所做更新的封存。This article is an archive that describes updates made in past releases of Cloud App Security. 若要查看最新功能清單,請參閱 Cloud App Security 新功能To see the latest what's new list, see What's new in Cloud App Security.

2017 年所做的更新Updates made in 2017

Cloud App Security 版本 113Cloud App Security release 113

發行日期:2017 年 12 月 25 日Released December 25, 2017

  • 我們很高興宣告 Cloud App Security 現在支援與 Azure 資訊保護的深度整合。We're excited to announce that Cloud App Security now supports deepened integration with Azure Information Protection. 此公用預覽功能可讓您掃描與分類雲端應用程式中的檔案,自動套用 Azure 資訊保護標籤的保護。This public preview feature enables you to scan and classify files in cloud apps, and automatically apply Azure Information protection labels for protection. 這項功能適用於 Box、SharePoint 和 OneDrive。This feature is available for Box, SharePoint, and OneDrive. 如需詳細資訊,請參閱 Azure 資訊保護整合For more information, see Azure Information Protection integration.

  • Cloud Discovery 記錄剖析器現可支援一般格式:LEEF、CEF 和 W3C。Cloud Discovery log parsers now support for generic formats: LEEF, CEF, and W3C.

Cloud App Security 版本 112Cloud App Security release 112

發行日期:2017 年 12 月 10 日Released December 10, 2017

  • 您現在可以在活動記錄中按一下使用者名稱或 IP 位址,以存取相關的隱藏式深入解析選單。You can now access the relevant insight drawer by clicking on a username or IP address in the Activity log.
  • 在調查活動時,現在只要按一下時鐘圖示,就能在隱藏式見解選單內輕鬆地檢視所有相同時段的活動。When investigating activities, you can now easily view all activities within the same time period from within the insight drawer by clicking on the clock icon. 時鐘圖示可讓您針對正在檢視的活動,查看其 48 小時內執行的所有活動。The clock icon enables you to view all activities done within 48 hours of the activity you're viewing.
  • 已改善適用於 Juniper SRX 的 Cloud Discovery 記錄檔剖析器。Improvements were made to the Cloud Discovery log parser for Juniper SRX.
  • 針對由 Proxy 監視的活動,活動物件已擴充為包含 DLP 掃描的相關資訊。For activities monitored by the proxy, the Activity object was expanded to include information relevant to DLP scans. 符合的原則也擴充為包含 DLP 違規 (若存在)。Matched policies were expanded to include DLP violations if they exist.

Cloud App Security 版本 111Cloud App Security release 111

發行日期 2017 年 11 月 26 日Released November 26, 2017

  • 探索原則現在支援應用程式標記做為條件以及治理動作。Discovery policies now support app tags as a condition and as a governance action. 這項新增可讓您使用自訂標籤 (例如應用程式新鮮貨) 來自動標記新探索到的應用程式。This addition enables you to automatically tag newly discovered apps with custom tags such as Trending apps. 您也可以使用應用程式標籤作為篩選。You can also use the app tag as a filter. 例如,「當 ' 關注清單 ' 中的應用程式在一天內有超過100的使用者時,警示我」。For example, "Alert me when an app in the 'Watchlist' has more than 100 users in a single day".

  • 時間篩選已改善,讓使用者更容易使用。The Time filter was improved to make it more user-friendly.

  • 內容檢查現在可區分內容、中繼資料和檔名,讓您可以選取想要檢查的項目。Content inspection now enables you to distinguish between content, metadata, and filename, enabling you to select which you want to inspect.

  • 為 G Suite 新增了新的治理動作。A new governance action was added for G Suite. 您現在可以對共用檔案減少公用存取You can now Reduce public access to shared files. 此動作讓您將可公開取得的檔案設定為只能透過共用連結取得。This action enables you to set publicly available files to be available only with a shared link.

  • 對於其他應用程式的所有 OKTA 登入活動現在會顯示在 Cloud App Security 中,並註明來源為 OKTA。All OKTA logon activities to other applications will now show up in Cloud App Security as originating from OKTA. 您可以根據在活動的 [ 活動物件 ] 欄位中執行登入的目標應用程式來進行查看和篩選。You can view and filter based on the target application to which the login was performed in the activity's Activity objects field.

Cloud App Security 版本 110Cloud App Security release 110

發行日期 2017 年 11 月 12 日Released November 12, 2017

  • 現在已正式運作:我們將開始推出記錄收集器的新部署模式。Now generally available: We're starting to roll out a new deployment mode for the log collector. 除了目前以虛擬設備為基礎的部署之外,新的以 Docker (容器) 為基礎的記錄收集器可以在內部部署和 Azure 中的 Ubuntu 電腦上安裝為套件。In addition to the current virtual-appliance based deployment, the new Docker (container) based log collector can be installed as a package on Ubuntu machines both on-premises and in Azure. 使用 Docker 時,可自由修補和監視裝載電腦的客戶即擁有該裝載電腦。When using the Docker, the hosting machine is owned by the customer, who can freely patch and monitor it.

  • 從入口網站的頁面內,您可以使用位於角落的新藍色問號來存取 上的相關 Cloud App Security 文件頁面。Using the new blue question mark in the corner, you can now access the relevant Cloud App Security documentation page on from within the pages of the portal. 每個連結都可區分內容,並根據您所用的頁面,將您導向所需的資訊。Each link is context-sensitive, taking you to the information you need based on the page you're on.

  • 您現在可以從 Cloud App Security 入口網站的每個頁面傳送意見反應。You can now send feedback from every page of the Cloud App Security portal. 意見反應可讓您直接向 Cloud App Security 小組回報 Bug、要求新功能,以及分享您的體驗。Feedback enables you to report bugs, request new features and share your experience directly with the Cloud App Security team.

  • 已改進雲端探索功能,可辨識子域以深入探索您組織的雲端使用方式。Improvements were made to the Cloud discovery ability to recognize subdomains for deep-dive investigations into your organization's cloud usage. 如需詳細資訊,請參閱使用探索到的應用程式For more information, see Working with discovered apps.

Cloud App Security 版本 109Cloud App Security release 109

發行日期:2017 年 10 月 29 日Released October 29, 2017

  • 開始推出 Microsoft Cloud App Security Proxy 功能。Microsoft Cloud App Security proxy feature rollout has started. Microsoft Cloud App Security Proxy 提供您所需的工具,讓您可以即時檢視及控制對雲端環境的存取及其中的活動。The Microsoft Cloud App Security proxy gives you the tools you need to have real-time visibility and control over access to your cloud environment, and activities within it. 例如:For example:

    • 在下載前即予以封鎖,避免資料外洩。Avoid data leaks by blocking downloads before they happen.
    • 設定儲存在雲端的資料以及從雲端下載的資料,強制使用加密保護的規則。Set rules that force data stored in and downloaded from the cloud to be protected with encryption.
    • 可以看見未受保護的端點,以便您能監視未受管理的裝置上正在進行的活動。Gain visibility into unprotected endpoints so you can monitor what's being done on unmanaged devices.
    • 控制來自非企業網路或高風險 IP 位址的存取。Control access from non-corporate networks or risky IP addresses.

    如需詳細資訊,請參閱使用條件式存取應用程式控制保護應用程式For more information, see Protect apps with Conditional Access App Control.

  • 我們會逐漸推出根據特定服務活動名稱篩選的功能。We're gradually rolling out the ability to filter according to specific service activity names. 這個新的活動類型篩選更精細,可讓您監視特定的應用程式活動,而不是較籠統的活動類型。This new Activity Type filter is more granular, to enable you to monitor specific app activities, as opposed to more general activity types. 例如,以前可能是篩選執行命令,現在則可以篩選特定的 EXO Cmdlet。For example, previously, you could filter for the Run command, and now you can filter for specific EXO cmdlets. 活動名稱也會出現在 [類型 (依應用程式)] **** 下的活動下拉式清單中。The activity name can also be seen in the Activity drawer under Type (in app). 這項功能最終會取代活動類型篩選。This capability will eventually replace the Activity type filter.

  • Cloud Discovery 現在支援 Cisco ASA with FirePOWER。Cloud discovery now supports Cisco ASA with FirePOWER.

  • 已強化 [Discovery 使用者和 IP] 頁面的效能,以改善使用者體驗。Performance enhancements were made to the Discovery User and IP pages to improve user experience.

Cloud App Security 版本 105、106、107、108Cloud App Security releases 105, 106, 107, 108

發行日期:2017 年 9 月/10 月Released September/October 2017

  • Cloud App Security 現在包含位於歐盟的資料中心。Cloud App Security now includes a data center located in the EU. 我們除了美國的資料中心之外,歐盟地區的資料中心可讓 Cloud App Security 客戶完全符合新的和即將公布的歐洲標準及法規。In addition to our US data center, the EU data center will enable Cloud App Security customers to be in complete compliance with new and upcoming European standardization and certifications.
  • 新的篩選已新增至 [App 連線程式]**** 頁面,提供您更簡便的篩選和其他深入解析。New filters were added to the App connectors page that provide you with simpler filtering and additional insight.
  • 已改善僅包含目的地 IP 資訊的記錄檔雲端探索。Cloud discovery on log files that have only destination IP information was improved.

Cloud App Security 版本 104Cloud App Security release 104

發行日期:2017 年 8 月 27 日Released August 27, 2017

  • 您現在可以使用 IP 位址範圍 API 建立指令碼,以大量新增 IP 位址。You can now add IP ranges in bulk by creating a script using the IP address ranges API. 在 Cloud App Security 入口網站功能表列中,依序按一下問號、[API 文件]****,即可找到此 API。The API can be found from the Cloud App Security portal menu bar by clicking the question mark and then API documentation.
  • Cloud Discovery 現在會同時顯示總交易數與封鎖的交易數,讓您能夠更清楚看到封鎖的交易數。Cloud Discovery now provides better visibility for blocked transactions, by presenting both the total transactions as well as the blocked transactions.
  • 您現在可以依據雲端應用程式是否經過 ISO 27017 認證來加以篩選。You can now filter cloud applications based on whether they're certified with ISO 27017. 這個新的雲端應用程式目錄風險因素會判斷應用程式提供者是否具有此認證。This new Cloud App Catalog risk factor determines whether the application provider has this certification. ISO 27017 制定了一套大眾均可接受的措施與準則,可用於處理及保護公用雲端運算環境中的使用者資訊。ISO 27017 establishes commonly accepted controls and guidelines for processing and protecting user information in a public cloud computing environment.
  • 為了讓您針對 GDPR 合規性做準備,我們會從「雲端應用程式類別目錄」中的雲端應用程式收集 GDPR 整備聲明。To enable you to prepare for GDPR compliance, we gathered the GDPR readiness statements from the cloud apps in the Cloud App Catalog. 它還不會影響應用程式風險分數,但會提供您連結至應用程式發行者的 GDPR 就緒程度頁面(若有提供)。It doesn't yet affect the app risk score, but provides a link for you to the app publisher's GDPR readiness page, when provided. Microsoft 尚未驗證此內容,對其有效性不負責任。Microsoft hasn't verified this content and isn't responsible for its validity.

Cloud App Security 版本 103Cloud App Security release 103

發行日期:2017 年 8 月 13 日Released August 13, 2017

  • Cloud App Security 已針對下列 Office 檔案新增 Azure 資訊保護原生保護支援:.docm、.docx、.dotm、.dotx、.xlam、.xlsb、.xlsm、.xlsx、.xltx、.xps、.potm、.potx、.ppsx、.ppsm、.pptm、.pptx、.thmx、.vsdx、.vsdm、.vssx、.vssm、.vstx、.vstm (取代一般保護)。Cloud App Security added Azure Information Protection native protection support for the following Office files .docm, .docx, .dotm, .dotx, .xlam, .xlsb, .xlsm, .xlsx, .xltx, .xps, .potm, .potx, .ppsx, .ppsm, .pptm, .pptx, .thmx, .vsdx, .vsdm, .vssx, .vssm, .vstx, .vstm (in place of generic protection).

  • 任何 Azure Active Directory 規範管理員都會在 Cloud App Security 中自動獲授與類似的權限。Any Azure Active Directory Compliance administrator will automatically be granted similar permissions in Cloud App Security. 這些權限包括能夠唯讀及管理警示、建立和修改檔案原則、允許檔案治理動作,以及檢視 [資料管理] 下的所有內建報告。Permissions include the ability to read only and manage alerts, create and modify file policies, allow file governance actions, and view all the built-in reports under Data Management.

  • 我們將 DLP 違規內容從 40 個字元擴充到 100 個字元,以協助您更清楚違規的內容。We extended the DLP violation context from 40 to 100 characters to help you better understand the context of the violation.

  • Cloud Discovery 自訂記錄檔上傳程式的詳細錯誤訊息,能讓您輕鬆地為上傳記錄檔中的錯誤進行疑難排解。Detailed error messages to the Cloud Discovery Custom Log uploader to enable you to easily troubleshoot errors in log upload.

  • 擴充 Cloud Discovery 封鎖指令碼以支援 Zscaler 格式。The Cloud Discovery block script was extended to support Zscaler format.

  • 新的雲端應用程式目錄風險因素:帳戶終止之後保留資料。New Cloud App Catalog risk factor: data retention after account termination. 這可讓您在終止雲端應用程式內的帳戶之後,確定您的資料已完全移除。This enables you to make sure that your data is completely removed after you terminate an account within a cloud app.

Cloud App Security 版本 102Cloud App Security release 102

發行日期:2017 年 7 月 30 日Released July 30, 2017

  • 因為 IP 位址資訊對幾乎所有調查都非常重要,所以您現在可以在 [活動] 下拉式清單中檢視 IP 位址的詳細資訊。Because IP address information is crucial for almost all investigations, you can now view detailed information about IP addresses in the Activity Drawer. 在特定活動中,您現在可以按一下 IP 位址索引標籤,檢視 IP 位址的相關彙總資料。From within a specific activity, you can now click on the IP address tab to view consolidated data about the IP address. 這些資料包括特定 IP 位址的未解決警示數目、最近活動的趨勢圖,以及位置地圖。The data includes the number of open alerts for the specific IP address, a trend graph of recent activity and a location map. 這項功能可讓您輕鬆地向下切入。This feature enables easy drill down. 例如,當調查不可能的移動警示時,您可以輕鬆地了解使用 IP 位址的位置,以及它是否涉及可疑活動。For example, when investigating impossible travel alerts, you can easily understand where the IP address was used and if it was involved in suspicious activities or not. 您可以直接在隱藏式 IP 位址選單中執行動作,讓您將某個 IP 位址標記為具風險、VPN 或公司,以便日後進行調查和建立原則。You can perform actions directly in the IP address drawer that enable you to tag an IP address as risky, VPN, or corporate to ease future investigation and policy creation. 如需詳細資訊,請參閱 IP 位址見解For more information, see IP address insights

  • 在 Cloud Discovery 中,您現在可以使用自訂記錄格式自動上傳記錄In Cloud Discovery, you can now use custom log formats for automated log uploads. 自訂記錄格式可讓您輕鬆地從您的 SIEM (例如 Splunk 伺服器或任何其他不受支援的格式) 自動上傳記錄。Custom log formats enable you to easily automate log upload from your SIEMs such as Splunk servers or any other unsupported format.

  • 新的使用者調查動作可以對使用者進行更深層級的調查。The new user investigation actions enable an added level of drill-down to user investigations. 您現在可以從 [調查]**** 頁面,以滑鼠右鍵按一下活動、使用者或帳戶,並套用下列其中一個新篩選來進行進階的調查和過濾:[檢視相關的活動]****、[檢視相關的治理]****、[檢視相關的警示]****、[檢視擁有的檔案]****、[檢視與此使用者共用的檔案]****。From the Investigation pages, you can now right-click on an activity, user, or account and apply one of the following new filters for advanced investigation and filtration: View related activity, View related governance, View related alerts, View owned files, View files shared with this user.

  • 雲端應用程式目錄現在包含新的欄位,供帳戶終止之後保留資料之用。The Cloud App Catalog now contains a new field for data retention after account termination. 此風險因素可讓您在終止雲端應用程式內的帳戶之後,確定您的資料已完全移除。This risk factor enables you to make sure that your data is completely removed after you terminate an account within a cloud app.

  • Cloud App Security 現在已經增強與 Salesforce 物件相關活動的可見度。Cloud App Security now has enhanced visibility into activities regarding Salesforce objects. 這些物件包括潛在客戶、帳戶、活動、商機、個人資料與案例。Objects include leads, accounts, campaigns, opportunities, profiles, and cases. 例如,帳戶頁面存取的可見性可讓您設定原則,以便在使用者檢視異常多的帳戶頁面時發出警示。For example, visibility into access of account pages enables you to configure a policy that alert you if a user views an unusually large number of account pages. 若您在 Salesforce 中啟用 Salesforce 事件監視 (Salesforce Shield 的一部分),可透過 Salesforce 應用程式連接器使用。This is available through the Salesforce App Connector, when you have enabled Salesforce Event Monitoring in Salesforce (part of Salesforce Shield).

  • 私人預覽版客戶現在已可使用「不要追蹤」功能!Do not track is now available for private preview customers! 您現在可以控制要處理哪些使用者的活動資料。You can now control which users' activity data is processed. 這項功能可讓您將 Cloud App Security 中的特定群組設定為「不追蹤」。This feature enables you to set specific groups in Cloud App Security as "Do not track". 例如,您現在可以決定不要處理位於德國,或位於不受特定合規性法律之任何國家/地區的任何使用者活動資料。For example, you can now decide not to process any activity data for users located in Germany or any country that is not bound by a specific compliance law. 這在 Cloud App Security 中可以跨所有應用程式、針對特定的應用程式,或甚至針對特定子應用程式實作。This can be implemented across all apps in Cloud App Security, for a specific app, or even for a specific subapp. 此外,還可以使用這項功能來漸進推出 Cloud App Security。Additionally, this feature can be used to facilitate gradual roll out of Cloud App Security. 如需此功能的詳細資訊,或加入私人預覽,請連絡支援部門或您的帳戶代表。For more information or to join the private preview for this feature, contact support or your account representative.

Cloud App Security 版本 100Cloud App Security release 100

發行日期:2017 年 7 月 3 日Released July 3, 2017

新功能New features

  • 安全性延伸模組: 安全性延伸模組是新的儀表板,可集中化管理 Cloud App Security 的所有安全性延伸模組。Security extensions: Security extensions is a new dashboard for centralized management of all security extensions to Cloud App Security. 這些延伸模組包括 API 權杖管理、SIEM 代理程式和外部 DLP 連接器。Extensions include API token management, SIEM agents, and External DLP connectors. 新的儀表板可在 [設定] 底下的 Cloud App Security 中使用。The new dashboard is available in Cloud App Security under "Settings".

    • API 權杖 – 產生和管理您自己的 API 權杖,以使用 RESTful API 來整合 Cloud App Security 與協力廠商軟體。API tokens – generate and manage your own API tokens to integrate Cloud App Security with third-party software using our RESTful APIs.
    • SIEM 代理程式– SIEM 整合 先前位於 [設定] 下,現在可作為安全性延伸模組中的索引標籤。SIEM agents – SIEM integration was previously located directly under "Settings", now available as a tab in Security Extensions.
    • 外部 DLP (預覽) – Cloud App Security 可讓您運用協力廠商分類系統中的現有投資 (例如資料外洩防護 (DLP) 解決方案),且可讓您使用環境中執行的現有部署來掃描雲端應用程式的內容。External DLP (Preview) – Cloud App Security allows you to leverage existing investments in third-party classification systems such as Data Loss Prevention (DLP) solutions, and enables you to scan the contents of cloud applications using existing deployments running in your environment. 請連絡您的帳戶管理員,以加入預覽。Contact your account manager to join the preview.
  • 自動批准/不批准: 新的應用程式偵測原則讓 Cloud Discovery 可以自動設定應用程式具有 [批准/不批准] 標籤。Automatically sanction/unsanction: New App detection policies give Cloud Discovery the ability to automatically set apps with Sanctioned/Unsanctioned label. 這可讓您自動識別違反組織原則和法規的應用程式,並將其新增至產生的封鎖腳本。This gives you the ability to automatically identify apps that are in violation of your organization's policy and regulations and add them to the generated blocking script.

  • Cloud App Security 檔案標籤:您現在可以套用 Cloud App Security 檔案標籤,以深入了解它所掃描的檔案。Cloud App Security file labels: You can now apply Cloud App Security file labels to now provide more insight into the files it scans. 針對 Cloud App Security DLP 所掃描的每個檔案,您現在可以知道檔案是否因為加密或損毀而無法檢查。For each file scanned by Cloud App Security DLP, you can now know if the files were blocked from being inspected because they were encrypted or corrupted. 例如,您可以設定原則,針對外部共用的受密碼保護檔案發出警示並予以隔離。For instance, you can set up policies to alert and quarantine password protected files that are shared externally. 這項功能適用於 2017 年 7 月 3 日之後所掃描的檔案。This feature is available for files scanned after July 3, 2017.

    您可以使用篩選分類標籤 > Cloud App Security篩選這些檔案:You can filter for these files by using the filter Classification labels > Cloud App Security:

    • 已加密 Azure RMS - 這些檔案由於已設定 Azure RMS 加密,因此不會檢查其內容。Azure RMS encrypted – files whose content wasn't inspected because they have Azure RMS encryption set.
    • 密碼已加密 –未檢查其內容的檔案,因為它們是由使用者所保護的密碼。Password encrypted – files whose content wasn't inspected because they're password protected by the user.
    • 損毀的檔案 - 這些檔案由於無法讀取其內容,因此不會檢查其內容。Corrupt file – files whose content wasn't inspected because their content couldn't be read.
  • 使用者深入解析:已升級調查體驗,啟用目前使用者的預設深入解析。User insights: The investigation experience was upgraded to enable out-of-the-box insights about the acting user. 現在,您只要按一下就可以從隱藏式 [活動] 選單中看到使用者的完整概觀,此見解包括他們從中連線的位置、與他們有關的未解決警示數目,以及其中繼資料資訊。With a single click, you can now see a comprehensive overview of the users from the Activity drawer, Insights include which location they connected from, how many open alerts are they're involved with, and their metadata information.

  • 應用程式連線程式見解: 在 [應用程式連線程式]**** 中,每個連線的應用程式現在都會在表格中包括隱藏式應用程式選單,讓您更輕鬆地向下切入至其狀態。App connector insights: Under App Connectors, each connected app now includes an app drawer in the table for easier drill-down into its status. 所提供的詳細資料包括 App 連線程式的連線時間,以及連線程式的最後一個健全狀況檢查。Details that are provided include when the App connector was connected and last health check on the connector. 您也可以監視每個應用程式的 DLP 掃描狀態:DLP 所檢查的檔案總數,以及即時掃描狀態 (所要求的掃描與實際掃描)。You can also monitor the status of DLP scanning on each app: the total number of files inspected by DLP and the status of the real-time scans (requested scans vs. actual scans). 您可以得知 Cloud App Security 即時掃描檔案的速率是否低於所要求的數目,以及您的租用戶是否可能超過其容量並在 DLP 結果中發生延遲。You'll be able to tell if the rate of files scanned by Cloud App Security in real time is lower than the requested number, and whether your tenant might be exceeding its capacity and experiencing a delay in the DLP results.

  • 雲端應用程式目錄自訂:Cloud App Catalog customization:

    • 應用程式標籤:您現在可以建立應用程式的自訂標籤。App tags: You can now create custom tags for apps. 您可以使用這些標籤作為篩選,以深入探討您想要調查的特定應用程式類型。These tags can be used as filters for diving deeper into specific types of apps that you want to investigate. 例如,自訂監看清單、指派給特定的業務單位或自訂核准,例如「合法核准」。For example, custom watch list, assignment to a specific business unit, or custom approvals, such as "approved by legal".
    • 自訂附註:當您檢閱和評估跨環境探索到的不同應用程式時,現在可以將結論和深入解析儲存至「附註」。Custom notes: As you review and assess the different applications that were discovered across your environment, you can now save your conclusions and insights in the Notes.
    • 自訂風險分數:您現在可以覆寫應用程式的風險分數。Custom risk score: You can now override the risk score of an app. 例如,如果應用程式的風險分數為 8,且它是您組織中獲批准的應用程式,則可以將您組織的風險分數變更為 10。For example, if the risk score of an app is 8 and it's a sanctioned app in your organization, you can change the risk score to 10 for your organization. 您也可以新增附註,以在任何人檢閱應用程式時清楚變更理由。You can also add notes to make the justification of the change clear when anyone reviews the app.
  • 新的記錄收集器部署模式: 我們將開始推出記錄收集器目前的新部署模式。New log collector deployment mode: We're starting to roll out a new deployment mode is now available for the log collector. 除了以目前虛擬設備為基礎的部署之外,新的以 Docker (容器) 為基礎的記錄收集器可以在內部部署和 Azure 中的 Windows 和 Ubuntu 電腦上安裝為套件。In addition to the current virtual-appliance based deployment, the new Docker (container) based log collector can be installed as a package on Windows and Ubuntu machines both on-premises and in Azure. 使用 Docker 時,可自由修補和監視裝載電腦的客戶即擁有該裝載電腦。When using the Docker, the hosting machine is owned by the customer, who can freely patch and monitor it.


  • 雲端應用程式目錄現在支援超過 15,000 個可探索的應用程式The Cloud App Catalog now supports over 15,000 discoverable apps
  • 合規性:Cloud App Security 通過 Azure 的 SOC1/2/3 官方認證。Compliance: Cloud App Security is officially SOC1/2/3 certified by Azure. 如需完整的認證清單,請參閱 Compliance offerings (合規性供應項目) 並篩選 Cloud App Security 的結果。For the full list of certifications, see Compliance offerings and filter the results for Cloud App Security.

其他改良功能:Other improvements:

  • 改進的剖析: 已改進 Cloud Discovery 記錄剖析機制。Improved parsing: Improvements were made in the Cloud Discovery log parsing mechanism. 內部錯誤極不可能發生。Internal errors are significantly less likely to occur.
  • 預期的記錄格式: Cloud Discovery 記錄的預期記錄格式現在提供 Syslog 格式和 FTP 格式的範例。Expected log formats: The expected log format for Cloud Discovery logs now provides examples for both Syslog format and FTP format.
  • 記錄收集器上傳狀態: 您現在可以在入口網站中查看記錄收集器狀態,並使用入口網站內狀態通知和系統警示對錯誤進行更快速地疑難排解。Log collector upload status: You can now see the log collector status in the portal and troubleshoot errors faster using the in-portal status notifications and the system alerts.

Cloud App Security 版本 99Cloud App Security release 99

發行日期:2017 年 6 月 18 日Released June 18, 2017

新功能New Features

  • 您現在可以要求使用者重新登入所有 Office 365 和 Azure AD 應用程式。You can now require users to sign in again to all Office 365 and Azure AD apps. 要求重新登入可快速有效地修復可疑的使用者活動警示及遭入侵的帳戶。Require sign in again as a quick and effective remediation for suspicious user activity alerts and compromised accounts. 您可以在 [原則設定] 和 [警示] 頁面中,於 [暫時停止使用者的權限] 選項旁找到新的治理動作。You can find the new governance in the policy settings and the alert pages, next to the Suspend user option.
  • 您現在可以篩選活動記錄中的 [Add impersonation role assignment (新增模擬角色指派)]**** 活動。You can now filter for Add impersonation role assignment activities in the Activity log. 此活動可讓您使用 Cmdlet New-ManagementRoleAssignment來偵測系統管理員何時將 [應用程式模擬]**** 角色授與任何使用者或系統帳戶。This activity enables you to detect when an admin has granted an Application Impersonation role to any user or system account, using the cmdlet New-ManagementRoleAssignment. 此角色可讓模擬者使用與模擬帳戶相關聯的許可權來執行作業,而不是與模擬者帳戶相關聯的許可權。This role allows the impersonator to perform operations by using the permissions associated with the impersonated account, instead of the permissions associated with the impersonator's account.

Cloud Discovery 改善:Cloud Discovery Improvements:

  • Cloud Discovery 資料現在可以使用 Azure Active Directory 使用者名稱資料進行擴充。Cloud Discovery data can now be enriched with Azure Active Directory username data. 當您啟用此功能時,將會比對探索流量記錄中收到的使用者名稱,然後將其取代為 Azure AD 使用者名稱。When you enable this feature, the username received in the discovery traffic logs will be matched and replaced by the Azure AD username. 這項擴充啟用下列新功能:Enriching enables the following new features:
    • 您可以調查 Azure Active Directory 使用者的影子 IT 使用方式。You can investigate Shadow IT usage by Azure Active Directory user.
    • 您可以將探索到的雲端應用程式使用與 API 收集的活動相互關聯。You can correlate the discovered cloud app use with the API collected activities.
    • 然後,您可以建立以 Azure AD 使用者群組為基礎的自訂記錄檔。You can then create custom logs based on Azure AD user groups. 例如,特定行銷部門的影子 IT 報告。For example, a Shadow IT report for a specific Marketing department.
  • 已改進 Juniper syslog 剖析器。Improvements were made to the Juniper syslog parser. 它現在支援 welf 和 sd syslog 格式。It now supports the welf and sd-syslog formats.
  • 改進 Palo Alto 剖析器,可進行更好的應用程式探索。Improvements were made to the Palo Alto parser for better application discovery.
  • 若要確認已成功上載記錄檔,您現在可以在 Cloud App Security 入口網站中看到記錄收集器的狀態。To verify that logs are being successfully uploaded, you can now see the status of your log collectors in the Cloud App Security portal.

一般改進:General improvements:

  • 內建 IP 位址標籤和自訂 IP 標籤現在會依階層考量,其中自訂 IP 標籤優先於內建 IP 標籤。Built-in IP address tags and custom IP tags are now considered hierarchically, with custom IP tags taking precedence over built-in IP tags. 例如,如果根據威脅情報將 IP 位址標記為 [具風險]****,但有自訂 IP 標籤將其識別為 [公司]****,則會優先使用自訂類別和標籤。For instance, if an IP address is tagged as Risky based on threat intelligence, but there's a custom IP tag that identifies it as Corporate, the custom category and tags will take precedence.

Cloud App Security 版本 98Cloud App Security release 98

發行日期:2017 年 6 月 4 日Released June 4, 2017

Cloud Discovery 更新:Cloud Discovery updates:

  • 使用者現在可以對探索到的應用程式執行進階篩選。Users can now perform advanced filtering on discovered apps. 此篩選可讓您執行深入調查。Filtering enables you to perform deep investigation. 例如,根據使用量來篩選應用程式。For example, filtering apps based on usage. 有多少上傳流量來自特定類型的探索到應用程式?Wow much upload traffic from discovered apps of certain types? 有多少使用者使用特定類別的探索到應用程式?How many users used certain categories of discovered apps? 您也可以執行左面板中的複選來選取多個類別。You can also perform multi-selection in the left panel to select multiple categories.
  • 已開始推出根據常用搜尋的新 Cloud Discovery 範本,例如 "non-compliant cloud storage app"。Started roll out of new templates for Cloud Discovery that are based on popular searches such as "non-compliant cloud storage app". 這些基本篩選可以用作對探索到的應用程式執行分析的範本。These basic filters can be used as templates to perform analysis on your discovered apps.
  • 為了方便使用,您現在可以執行動作,例如透過一個動作批准和不批准多個應用程式。For ease of use, you can now do actions such as sanction and unsanction across multiple apps in one action.
  • 我們現在將推出根據 Azure Active Directory 使用者群組建立自訂探索報告的功能。We're now rolling out the ability to create custom discovery reports based on Azure Active Directory user groups. 例如,如果您想要查看行銷部門的雲端使用情況,您可以使用 [匯入使用者群組] 功能匯入行銷群組,然後為此群組建立自訂報告。For example, if you want to see the cloud use of your marketing department, you can import the marketing group using the import user group feature, then create a custom report for this group.

新功能︰New features:

  • 安全性讀取器的 RBAC 已完成推出。這項功能可讓您管理在 Cloud App Security 主控台內授與系統管理員的許可權。RBAC for Security Readers completed roll out. This feature enables you to manage the permissions you grant to your admins inside the Cloud App Security console. 根據預設,所有的 Azure Active Directory 系統管理員、Office 365 全域管理員及安全性系統管理員在入口網站中都有完整的權限。By default, all Azure Active Directory admins, Office 365 Global admins, and Security admins have full permissions in the portal. Azure Active Directory 和 Office 365 中的所有安全性讀取者在 Cloud App Security 中都有唯讀權限。All Security readers in Azure Active Directory and Office 365 have read-only access in Cloud App Security. 您可以使用 [管理存取權] 選項來新增額外的系統管理員或覆寫許可權。You can add additional admins or override permissions using the "Manage Access" option. 如需詳細資訊,請參閱管理管理員權限For more information, see Managing admin permissions.
  • 我們現在將推出 Microsoft Intelligent Security Graph 偵測到之具風險 IP 位址的詳細威脅情報報告。We're now rolling out detailed threat intelligence reports for risky IP addresses detected by Microsoft intelligent security graph. 當殭屍網路執行活動時,您會看到殭屍網路名稱 (如果有的話) 與特定殭屍網路詳細報告的連結。When an activity is performed by a botnet, you'll see the name of the botnet (if available) with a link to a detailed report about the specific botnet.

Cloud App Security 版本 97Cloud App Security release 97

發行日期:2017 年 5 月 24 日Released May 24, 2017

新功能︰New features:

  • 調查檔案和原則違規:您現在可以在 [檔案] 頁面中看到所有原則相符項目。Investigate files and policy violations: You can now see all policy matches in the Files page. 此外,已改善您的 [File Alert] (檔案警示) 頁面,現在包括特定檔案 [歷程記錄] 的個別索引標籤。Additionally, the File Alert page has been improved to now include a separate tab for History of the specific file. 這項改善可讓您向下切入到特定檔案之所有原則的違規歷程記錄。The improvement enables you to drill down into the violation history across all policies for the specific file. 每個「歷程記錄」事件都會在警示時包括檔案的快照。Every History event includes a snapshot of the file at the time of the alert. 它會指出刪除還是隔離檔案。It will include an indication of whether the file was deleted or quarantined.
  • Office 365 SharePoint 和商務用 OneDrive 檔案現在提供系統管理隔離,其為私人預覽版本。Admin quarantine is now available in private preview for Office 365 SharePoint and OneDrive for Business files. 這項功能可讓您隔離符合原則的檔案,或設定要隔離它們的自動化動作。This feature enables you to quarantine files that match policies or set an automated action to quarantine them. 隔離會將檔案從使用者的 SharePoint 目錄中移除,並將原始複本複製到您所選擇的系統管理員隔離位置。Quarantining removes the files from the user's SharePoint directory and copies the originals to the admin quarantine location you choose.

Cloud Discovery 改良功能:Cloud Discovery improvements:

  • 已改進 Cloud Discovery 對 Cisco Meraki 記錄檔的支援。Cloud Discovery support for Cisco Meraki logs has been improved.
  • 向 Cloud Discovery 建議改進的選項現在可讓您建議新的風險因素。The option to suggest an improvement to Cloud Discovery now enables you to suggest new risk factor.
  • 已改進自訂記錄剖析器,可區隔日期和時間設定來支援記錄格式,並可讓您選擇設定時間戳記。The custom log parser was improved to support log formats by separating the setting of time and date and to give you the option to set timestamp.
  • 開始推出根據 Azure Active Directory 使用者群組建立自訂探索報告的功能。Starting to roll out the ability to create custom discovery reports based on Azure Active Directory user groups. 例如,如果您想要查看行銷部門的雲端使用情況,請使用 [匯入使用者群組] 功能匯入行銷群組,然後為此群組建立自訂報告。For example, if you want to see the cloud use of your marketing department, import the marketing group using the import user group feature, and then create a custom report for this group.

其他更新:Other updates:

  • Cloud App Security 現在支援 Office 365 稽核記錄中所支援的 Microsoft Power BI 活動。Cloud App Security now includes support for the Microsoft Power BI activities that are supported in the Office 365 audit log. 這項功能正逐步推出。This feature is being rolled out gradually. 您需要在 Power BI 入口網站中啟用這項功能You need to enable this functionality in the Power BI portal.
  • 在活動原則中,您現在可以設定要對所有已連線應用程式之使用者採取的通知和暫停動作。In activity policies, you can now set notify and suspend actions to be taken on the user across all connected apps. 例如,您可以設定原則,一律通知使用者的管理員,並在使用者具有任何已連線應用程式中的多次失敗登入時立即暫停使用者。For example, you can set a policy to always notify the user's manager and suspend the user immediately whenever the user has multiple failed logins in any connected app.

OOB 版本OOB release

  • 為了快速反應横掃全球的勒索軟體,在星期日,Cloud App Security 團隊已將新的潛在的勒索軟體活動偵測原則範本新增至包括 WannaCrypt 簽章延伸模組的入口網站。In a speedy reaction to the ransomware sweeping the globe, on Sunday, the Cloud App Security team added a new Potential ransomware activity detection policy template to the portal that includes the signature extension of WannaCrypt. 建議您立即設定此原則。We advise you to the set this policy today.

Cloud App Security 96 版Cloud App Security release 96

發行日期:2017 年 5 月 8 日Released May 8, 2017

新功能︰New features:

  • 持續逐步推出「安全性讀取者」權限,可讓您管理在 Cloud App Security 主控台中授與管理員的權限。Continuing the gradual roll out of the Security Reader permission, which enables you to manage the permissions you grant to your admins inside the Cloud App Security console. 根據預設,所有的 Azure Active Directory 和 Office 365 全域管理員及安全性系統管理員在入口網站中都有完整的權限。By default, all Azure Active Directory and Office 365 Global admins and Security admins have full permissions in the portal. Azure Active Directory 和 Office 365 中的所有安全性讀取者在 Cloud App Security 中都有唯讀權限。All Security readers in Azure Active Directory and Office 365 will have read-only access in Cloud App Security. 如需詳細資訊,請參閱管理管理員權限For more information, see Managing admin permissions.
  • 已完成推出 Cloud Discovery 針對 CSV 記錄檔的使用者定義記錄檔剖析器支援。Completed roll out of Cloud Discovery support for user-defined log parsers for CSV-based logs. Cloud App Security 可提供工具來描述與特定資料相關聯的資料行,讓您針對先前不支援的設備來設定剖析器。Cloud App Security enables you to configure a parser for your previously unsupported appliances by providing you with the tools to delineate which columns correlate to specific data. 如需詳細資訊,請參閱 自訂記錄檔剖析器。For more information, see Custom log parser.


  • Cloud Discovery 現在支援 Juniper SSG 設備。Cloud Discovery now supports Juniper SSG appliances.

  • Cloud Discovery 對 Cisco ASA 記錄檔的支援已改進以獲得更好的可見度。Cloud Discovery support for Cisco ASA logs has been improved for better visibility.

  • 您現在可以在 Cloud App Security 入口網站資料表中更輕鬆地執行大量動作和選取多個記錄:頁面長度已增加以改善大量作業。You can now more easily run bulk actions and select multiple records in Cloud App Security portal tables: the page length has been increased to improve bulk operations.

  • 「域外共用 (依網域)」**** 和「共用檔案的擁有者」**** 內建報告現在可以針對 Salesforce 資料執行。The Outbound sharing by domain, and Owners of shared files built-in reports can now be run for Salesforce data.

  • 我們將開始推出其他的 Salesforce 活動,讓您能夠追蹤從活動資料所擷取的相關資訊。We're starting rollout of additional Salesforce activities enabling you to track interesting information that was extracted from the activity data. 這些活動包括檢視和編輯帳戶、潛在客戶、商機,以及各種其他相關 Salesforce 物件。These activities include viewing and editing accounts, leads, opportunities, and various other interesting Salesforce objects.

  • 新的活動已新增到 Exchange,讓您可監視已授與哪些權限給使用者信箱或信箱資料夾。New activities were added for Exchange to enable you to monitor which permissions were granted for user mailboxes or mailbox folders. 這些活動包括:These activities include:

    • 新增收件者權限Add recipient permissions
    • 移除收件者權限Remove recipient permissions
    • 新增信箱資料夾權限Add mailbox folder permissions
    • 移除信箱資料夾權限Remove mailbox folder permissions
    • 設定信箱資料夾權限Set mailbox folder permissions

    例如,您現在可以監視已授與其他使用者信箱之 SendAs 許可權的使用者,因此現在可以在其名稱中傳送電子郵件。For example, you can now monitor users who were granted SendAs permissions to other users' mailboxes and as a result can now send emails in their name.

Cloud App Security 版本 95Cloud App Security release 95

發行日期:2017 年 4 月 24 日Released April 24, 2017


  • [帳戶]**** 頁面已使用改進功能更新,讓風險偵測變得更容易。The Accounts page has been updated with improvements that make detecting risks easier. 您現在會更容易篩選內部和外部帳戶。You can now more easily filter for internal and external accounts. 看一眼就知道使用者是否具有管理權限。See at a glance whether a user has admin permissions. 您可以對每個應用程式的每個帳戶執行動作,例如移除許可權、移除使用者的共同作業、暫停使用者。You can perform actions on each account per-app such as remove permissions, remove user's collaborations, suspend user. 此外,還會顯示每個帳戶的已匯入使用者群組Additionally, imported user groups for each account will be displayed.

  • 針對 Microsoft 公司帳戶 (Office 365 和 Azure Active Directory),Cloud App Security 會將不同的使用者識別碼 (例如 Proxy 位址、別名、SID 等) 分組在單一帳戶之下。For Microsoft work accounts (Office 365 and Azure Active Directory), Cloud App Security groups different user identifiers such as proxy addresses, aliases, SID, and more under a single account. 所有與帳戶相關的別名都會出現在主要電子郵件地址下。All aliases related to an account will appear under the primary email address. 以使用者識別碼清單為基礎,凡執行者為使用者識別碼的活動,其執行者會顯示為主要使用者名稱 UPN (使用者主體名稱)。Based on the list of user identifiers, for activities whose actor is a user identifier, the actor will be displayed as the primary user name UPN (User Principal Name). 根據 UPN 指派群組並套用原則。Based on the UPN, groups will be assigned and policies applied. 這項變更會改善調查活動,並將所有相關的活動融合到異常和群組原則的相同工作階段。This change will improve investigation of activities and fuse all related activities to the same session for anomalies and group-based policies. 這項功能會在下個月陸續推出。This feature will be gradually rolled out over the next month.

  • 傀儡程式標記已新增為瀏覽器利用內建報告的可能風險因素。The Robot tag was added as a possible risk factor in the Browser Use built-in report. 現在,除了瀏覽器利用被標記為過時,您還可以看到傀儡程式何時執行瀏覽器利用。Now, in addition to browser use being tagged as outdated, you can see when browser use was performed by a robot.

  • 現在在建立內容檢查檔案原則時,您可以設定篩選器只包含至少有 50 個符合項目的檔案。When creating a content inspection file policy, you can now set the filter to include only files with at least 50 matches.

Cloud App Security 版本 94Cloud App Security release 94

發行日期:2017 年 4 月 2 日Released April 2, 2017

新功能︰New features:

  • Cloud App Security 現在已與 Azure RMS 整合。Cloud App Security is now integrated with Azure RMS. 您可以直接從 Cloud App Security 入口網站中,利用 Microsoft Rights Management 來保護 Office 365 OneDrive 和 Sharepoint Online 中的檔案。You can protect files in Office 365 OneDrive and Sharepoint Online with Microsoft Rights Management directly from the Cloud App Security portal. 此保護可以從 [檔案]**** 頁面完成。Protection can be accomplished from the Files page. 如需詳細資訊,請參閱 與 Azure 資訊保護整合For more information, see Integrating with Azure Information Protection. 未來版本中將提供對其他應用程式的支援。Support for additional applications will be available in future versions.
  • 到目前為止,當您的網路中發生傀儡程式和編目程式活動時,尤其難以辨識,因為這類活動不是由使用者在您的網路上所執行。Up until now, when robot and crawler activities take place on your network, it was especially hard to identify because the activities are not performed by a user on your network. Bot 和編目程式可以在您不知情的狀況下,於您的電腦上執行惡意的工具。Without your knowledge, bots and crawlers can run malicious tools on your computers. 現在,Cloud App Security 提供工具,讓您能夠在傀儡程式和編目程式於您的網路上執行時進行查看。Now, Cloud App Security gives you the tools to see when robots and crawlers are performing activities on your network. 您可以使用新的使用者代理程式標記來篩選活動記錄中的活動。You can use the new user agent tag to filter activities in the activity log. 使用者代理程式標記可讓您篩選傀儡程式所執行的所有活動,而您可以使用它來建立原則,以便每次偵測到這種類型的活動時警示您。The user agent tag enables you to filter all activities performed by robots and you can use it to create a policy that alerts you each time this type of activity is detected. 若未來版本以將這個具風險的活動內嵌到異常偵測警示的形式來包含它時,將為您提供最新訊息。You'll be updated when future releases will include this risky activity as embedded into the anomaly detection alerts.
  • 新的統一應用程式權限頁面可讓您更輕鬆地調查已授與使用者對協力廠商應用程式的權限。The new unified app permissions page enables you to more easily investigate the permissions your users have given to third-party apps. 藉由按一下 [調查 > 應用程式許可權],您現在可以查看使用者為協力廠商應用程式提供的擁有權限清單。By clicking on Investigate > App permissions, you can now view a list of all the permissions your users gave to third-party apps. 您可以透過每個已連線應用程式的應用程式權限頁面,更輕鬆地在各種應用程式與所授與的權限之間進行比較。A page of app permissions per connected app enables you to better compare between the various apps and the permissions granted. 如需詳細資訊,請參閱 管理應用程式許可權For more information, see Manage app permissions.
  • 您可以從隱藏式表格選單中篩選資料,更容易進行調查。You can filter data right from the table drawer for easier investigation. 在 [活動記錄]**** 中,[檔案]**** 表格和 [應用程式權限]**** 頁面現已增強且具有新的內容動作,讓您在調查過程中進行樞紐分析時能夠輕鬆許多。In the Activity log, the Files table and App permissions pages are now enhanced with new contextual actions that makes pivoting in the investigation process a lot easier. 我們也新增了設定頁面的快速連結,以及按一下就能複製資料的功能。We also added quick links to configuration pages and the ability to copy data with a single click. 如需詳細資訊,請參閱 使用檔案和活動抽屜的相關資訊。For more information, see the information about working with the file and activity drawers.
  • 已完成對 Microsoft Teams 推出 Office 365 活動記錄及警示的支援。Support for Microsoft Teams to Office 365 Activity logs and alerts rollout was completed.

Cloud App Security 版本 93Cloud App Security release 93

發行日期:2017 年 3 月 20 日Released March 20, 2017

新功能︰New features:

  • 您現在可以套用原則以包含或排除匯入的使用者群組。You can now apply policies to include or exclude imported user groups.
  • Cloud App Security Anonymization 現在可讓您設定自訂的加密金鑰。Cloud App Security Anonymization now enables you to configure a custom encryption key. 如需詳細資訊,請參閱 Cloud Discovery 匿名For more information, see Cloud Discovery anonymization.
  • 為了更充分掌控使用者與帳戶管理,您現在可以從 [帳戶]**** 頁面內直接存取每個使用者的 Azure AD 帳戶設定。In order to have more control over user and account management, you now have direct access to Azure AD account settings for each user and account from within the Account page. 只要按一下每個使用者旁的齒輪即可。Just click the cog next to each user. 這項變更可讓您更輕鬆地存取進階使用者管理功能群組管理、MFA 設定、使用者登入的相關詳細資料,以及封鎖登入的功能。This change enables easier access to advanced user management features group management, configuration of MFA, details about user sign-ins, and the ability to block sign-in.
  • 您現在可以透過 Cloud App Security API,匯出待批准應用程式的封鎖指令碼。You can now export a blocking script for unsanctioned apps via the Cloud App Security API. 了解 Cloud App Security 入口網站中的 API,方法是依序按一下功能表列中的問號及 [API 文件]****。Learn about our APIs in the Cloud App Security portal by clicking the question mark in the menu bar, followed by API documentation.
  • 適用於 ServiceNow 的 Cloud App Security App 連線程式已擴展為包含 OAuth 權杖的支援 (如 Geneva、Helsinki、Istanbul 中所引進)。The Cloud App Security app connector for ServiceNow was expanded to include support for OAuth tokens (as introduced in Geneva, Helsinki, Istanbul). 這項變更提供 ServiceNow 更健全的 API 連線,不需要仰賴部署使用者。This change provides a more robust API connection to ServiceNow that doesn't rely on the deploying user. 如需詳細資訊,請參閱 將 ServiceNow 連線到 Microsoft Cloud App SecurityFor more information, see Connect ServiceNow to Microsoft Cloud App Security. 現有的客戶可在 [ServiceNow App 連線程式] 頁面中更新其設定。Existing customers can update their settings in the ServiceNow App connector page.
  • 如果您已設定其他第三方 DLP 掃描器,DLP 掃描狀態現在將會顯示個別連線程式的狀態,以改善可見性。If you configured additional third-party DLP scanners, DLP scan status will now show the status of each connector independently to improve visibility.
  • Cloud App Security 現在支援 Office 365 稽核記錄檔中所支援的 Microsoft Teams 活動。Cloud App Security now includes support for the Microsoft Teams activities that are supported in the Office 365 audit log. 這項功能正逐步推出。This feature is being rolled out gradually.
  • 針對 Exchange Online 模擬事件,您現在可以依所使用的許可權層級(委派、系統管理員或委派的系統管理員)進行篩選。您可以搜尋活動物件專案,以搜尋顯示您在活動記錄中感興趣之模擬層級的事件 > ** **。For Exchange Online impersonation events, you can now filter by the permission level used - delegated, admin, or delegated admin. You can search for events displaying the impersonation level that interests you in the Activity log by searching for Activity objects > Item.
  • 在 Office 365 應用程式的 [應用程式權限]**** 索引標籤上的應用程式下拉式清單中,您現在可以看到每個應用程式的 [發行者]****。In the app drawer on the App Permissions tab of Office 365 apps, you can now see the Publisher of each app. 您也可以使用 [發行者] 做為篩選條件,調查來自相同發行者的其他應用程式。You can also use the Publisher as a filter for investigation of additional apps from the same publisher.
  • 「有風險的 IP 位址」現在會顯示為獨立的風險因素,而非在 [位置]**** 風險因素下加權。Risky IP addresses now show up as an independent risk factor rather than weighted under the general Location risk factor.
  • 當停用檔案上的 Azure 資訊保護標籤時,停用的標籤在 Cloud App Security 中會顯示為「已停用」。When Azure Information Protection labels are disabled on a file, the disabled labels will appear as disabled in Cloud App Security. 已刪除的標籤則不會顯示。Deleted labels won't be displayed.

其他 Salesforce 的支援︰Additional Salesforce support:

  • 您現在可在 Cloud App Security 中暫停或恢復 Salesforce 使用者的權限。You can now suspend and unsuspend Salesforce users in Cloud App Security. 此動作可在 Salesforce 連接器的 [帳戶]**** 索引標籤中完成。This action can be accomplished in the Accounts tab of the Salesforce Connector. 請按一下特定使用者資料列結尾的齒輪,然後選取 [暫時停權]**** 或 [恢復權限]****。Click the cog at the end of the row of a specific user and selectSuspend or Unsuspend. 暫時停權和恢復權限也可以在原則中當作治理動作套用。Suspend and unsuspend can also be applied as a governance action as part of a policy. 在 Cloud App Security 中採取的所有暫時停權與恢復權限的動作,都會記錄在治理記錄中。All suspend and unsuspend activities taken in Cloud App Security will be logged in the Governance log.
  • 提高 Salesforce 內容共用可見度:您現在可以看到共用檔案的共用對象,包括公開共用的檔案、與群組共用的檔案,以及與整個 Salesforce 網域共用的檔案。Improved visibility to Salesforce content sharing: You can now see which files were shared with whom, including publicly shared files, files shared with groups, and files shared with the entire Salesforce domain. 提高之可見度將回溯推出至新的與目前的已連線 Salesforce 應用程式,第一次更新此資訊時可能需要一些時間。Improved visibility will be rolled out retroactively to new and current connected Salesforce apps, it may take a while for this information to update the first time.
  • 我們改善了下列 Salesforce 事件的涵蓋範圍,並將它們與 [管理使用者]**** 活動區隔:We improved coverage for the following Salesforce events, and separated them out of the Manage users activity:
    • 編輯權限Edit permissions
    • 建立使用者Create user
    • 變更角色Change role
    • 重設密碼Reset password

Cloud App Security 版本 90、91、92Cloud App Security release 90, 91, 92

發行日期:2017 年 2 月Released February 2017

特殊公告:Special announcement:

Cloud App Security 現已通過 Microsoft 合規性的官方認證,符合 ISO、HIPAA、CSA STAR、歐盟示範條款 (EU Model Clauses) 等。Cloud App Security is now officially certified with Microsoft Compliance for ISO, HIPAA, CSA STAR, EU model clauses, and more. 您可以在 Microsoft Compliance Offerings (Microsoft 合規性供應項目) 一文中選取 [Cloud App Security],來查看完整的認證清單。See the full list of certifications in the Microsoft Compliance Offerings article by selecting Cloud App Security.

新功能︰New features:

  • 匯入使用者群組 (預覽) 現在當您使用 API 連接器連接應用程式時,Cloud App Security 可讓您從 Office 365 及 Azure Active Directory 匯入使用者群組。Import user groups (preview) When you connect apps using API connectors, Cloud App Security now enables you to import user groups, from Office 365 and Azure Active Directory. 運用匯入使用者群組的一般案例包括:調查人資人員查看的文件、檢查主管團隊中是否發生不尋常的情形,或管理團隊中是否有人在美國境外執行活動。Typical scenarios that leverage imported user groups include: investigating which docs the HR people look at, or you can check if there's something unusual happening in the executive group, or if someone from the admin group performed an activity outside the US. 如需詳細資訊和指示,請參閱匯 入使用者群組For details and instructions, see Importing user groups.

  • 您現在可以在活動記錄中篩選使用者及群組中的使用者,以顯示特定使用者是哪些活動的執行者和執行對象。In the Activity log, you can now filter users and users in groups to show which activities were performed by a specific user, and which were performed on a specific user. 舉例來說,您可以調查使用者模擬其他人的活動,以及其他人模仿該使用者的活動。For example, you can investigate activities in which the user impersonated others, and activities in which others impersonated this user. 如需詳細資訊,請參閱活動For more information, see Activities.

  • 在 [檔案]**** 頁面調查檔案時,如果您向下切入到特定檔案的 [共同作業者]****,您現在可以看到共同作業者的詳細資訊。When investigating a file in the Files page, if you drill down into the Collaborators of a specific file, you can now see more information about the collaborators. 此資訊包括他們位在內部或外部、為寫入者或讀取者 (檔案權限),且在與群組共用檔案時,您現在可以看到身為群組成員的所有使用者。This information includes if they're Internal or External, Writers or Readers (file permissions), and when a file is shared with a group you can now see all users who are members of the group. 查看所有使用者可讓您知道群組成員是否為外部使用者。Seeing all users enables you to see if the group members are external users.

  • 現在所有設備均有 IPv6 支援。IPv6 support is now available for all appliances.

  • Cloud Discovery 現在支援 Barracuda 設備。Cloud Discovery now supports Barracuda appliances.

  • Cloud App Security 系統警示線在涵蓋了 SIEM 連線錯誤。Cloud App Security system alerts now cover SIEM connectivity errors. 如需詳細資訊,請參閱 SIEM 整合For more information, see SIEM integration.

  • Cloud App Security 現在包括下列活動的支援:Cloud App Security now includes support for the following activities:

    • Office 365、SharePoint/OneDrive:更新應用程式設定、從群組中移除擁有者、刪除網站、建立資料夾Office 365, SharePoint/OneDrive: Update application configuration, Remove owner from group, Delete site, Create folder

    • Dropbox︰將成員新增到群組、從群組中移除成員、建立群組、為群組重新命名、變更團隊成員名稱Dropbox: Add member to group, Remove member from group, Create group, Rename group, Change team member name

    • Box:從群組中移除項目、更新項目共用、將使用者新增到群組、從群組中移除使用者Box: Remove item from group, Update item share, Add user to group, Remove user from group

Cloud App Security 版本 89Cloud App Security release 89

發行日期:2017 年 1 月 22 日Released January 22, 2017

新功能︰New features:

  • 我們將開始推出在 Cloud App Security 中檢視 Office 365 安全與規範中心 DLP 事件的功能。We're starting to roll out the ability to view Office 365 Security and Compliance Center DLP events in Cloud App Security. 如果您已在 Office 365 安全與規範中心中設定 DLP 原則,則偵測到原則相符項目時,將會在 Cloud App Security 活動記錄中看到它們。If you configured DLP policies in the Office 365 Security and Compliance Center, when policy matches are detected, you'll see them in the Cloud App Security Activity log. 活動記錄檔中的資訊將包括已觸發相符項目的檔案或電子郵件,以及相符的原則或警示。The information in the Activity log will include the file or email that triggered the match as and the policy or alert that it matched. [ 安全性事件 ] 活動可讓您在 Cloud App Security 活動記錄檔中,查看 OFFICE 365 DLP 原則相符專案。The Security event activity allows you to view Office 365 DLP policy matches in the Cloud App Security activity log. 您可以使用這項功能︰Using this feature, you can:

    • 查看來自 Office 365 DLP 引擎的所有 DLP 相符項目。See all DLP matches coming from the Office 365 DLP engine.
    • 警示發現特定檔案、SharePoint 網站或原則之 Office 365 DLP 原則相符項目。Alert on Office 365 DLP policy matches for a specific file, SharePoint site, or policy.
    • 調查內容較廣的 DLP 相符項目,例如,存取或下載已觸發 DLP 原則相符項目之檔案的外部使用者。Investigate DLP matches with a broader context, for example- external users who accessed or downloaded a file that triggered a DLP policy match.
  • 已改善活動描述的明確性和一致性。The activity descriptions have been improved for clarity and consistency. 每個活動現在都提供意見反應按鈕。Each activity now provides a feedback button. 如果有一些您不了解或有疑問的專案,您可以讓我們知道。If there are some things you don't understand or have a question about, you can let us know.


  • 已為 Office 365 新增治理動作,可讓您移除檔案的所有外部使用者。A new governance action was added for Office 365 that enables you to remove all external users of a file. 例如,此動作可讓您實作原則,而這些原則會從僅限內部分類的檔案中移除外部共用For instance, this action enables you to implement policies that remove external shares from files with internal only classification.
  • 改善外部使用者在 SharePoint 中的線上識別。Improved identification of external users in SharePoint online. 篩選「外部使用者」群組時, @"sharepoint" 不會顯示應用程式系統帳戶。When filtering for the "external users" group, app@"sharepoint" system account won't show up.

Cloud App Security 88 版Cloud App Security release 88

發行日期:2017 年 1 月 8 日Released January 8, 2017

新功能︰New features:

  • 將 SIEM 連接至 Cloud App Security。Connect your SIEM to Cloud App Security. 您現在可以設定 SIEM 代理程式,以將警示和活動自動傳送到您所選擇的 SIEM。You can now send alerts and activities automatically to your SIEM of choice by configuring SIEM Agents. 現在已提供進行公開預覽。Now available as a public preview. 如需完整文件和詳細資料,請查看<與 SIEM 整合>。For full documentation and details, take a look at Integrating with SIEM.
  • Cloud Discovery 現在支援 IPv6。Cloud Discovery now supports IPv6. 我們已支援 Palo Alto 和 Juniper,未來的版本將會推出更多設備。We rolled out support for Palo Alto and Juniper, and more appliances will be rolled out in future releases.


  • Cloud App Catalog 中有一個新的風險因素。There's a new risk factor in the Cloud App Catalog. 您現在可以根據是否需要使用者驗證,以對應用程式進行評分。You can now rate an app based on whether it Requires user authentication. 強制執行驗證且不允許使用匿名的應用程式,將會收到較健全的風險分數。Apps that enforce authentication and don't allow anonymous use will receive a healthier risk score.
  • 我們將會推出更實用且一致的新活動描述。We're rolling out new activity descriptions to be more usable and consistent. 搜尋活動將不會受到這項變更的影響。Searching for activities will not be affected by this change.
  • 我們已加入改善的使用者裝置識別,讓 Cloud App Security 利用裝置資訊來豐富大量事件。We included improved user-device identification, enabling Cloud App Security to enrich a larger number of events with device information.

2016 年所做的更新Updates made in 2016

Cloud App Security 版本 87Cloud App Security release 87

發行日期:2016 年 12 月 25 日Released December 25, 2016

新功能︰New features:

  • 我們正在推出資料匿名,讓您可以享受 Cloud Discovery,同時保護使用者隱私權。We're in the process of rolling out data anonymization so that you can enjoy Cloud Discovery while protecting user privacy. 資料匿名是透過加密使用者名稱資訊來執行。The data anonymization is performed by encrypting username information.
  • 我們正在推出將封鎖指令碼從 Cloud App Security 匯出到其他應用裝置的能力。We are in the process of rolling out the ability to export a blocking script from Cloud App Security to additional appliances. 這個指令碼可讓您透過封鎖流向待批准應用程式的流量,輕鬆地減少影子 IT。The script will allow you to easily reduce shadow IT by blocking traffic to unsanctioned apps. 下列項目現在可以使用這個選項:This option is now available for:
    • BlueCoat ProxySGBlueCoat ProxySG
    • Cisco ASACisco ASA
    • FortinetFortinet
    • Juniper SRXJuniper SRX
    • Palo AltoPalo Alto
    • WebsenseWebsense
  • 已新增檔案治理動作,可讓您刪除已針對檔案或資料夾所設定的任何唯一權限,來強制檔案繼承父系的權限。A new File governance action was added that enables you to force a file to Inherit permissions from parent, deleting any unique permissions that were set for the file or folder. 這個檔案治理動作可讓您將檔案或資料夾的許可權變更為繼承自父資料夾的許可權。This file governance action enables you to change your file or folder's permissions to be inherited from the parent folder.
  • 已新增稱為「外部」的使用者群組。A new user group was added called External. 此群組是 Cloud App Security 預先設定的預設使用者群組,內含不屬於您內部網域的所有使用者。This group is a default user group that is pre-configured by Cloud App Security to include all users who aren't part of your internal domains. 您可以使用這個使用者群組作為篩選。You can use this user group as a filter. 例如,您可以尋找外部使用者所執行的活動。For example, you can find activities performed by external users.
  • Cloud Discovery 功能現在支援 Sophos Cyberoam 應用裝置。The Cloud Discovery feature now supports Sophos Cyberoam appliances.

Bug 修正:Bug fixes:

  • SharePoint Online 和商務用 OneDrive 檔案已透過「內部」而非「私人」形式顯示在 [檔案] 原則報告和 [檔案] 頁面中。SharePoint online and One Drive for Business files were displayed in the File policy report and in the Files page as Internal instead of Private. 此 Bug 已修正。This bug was fixed.

Cloud App Security 版本 86Cloud App Security release 86

發行日期:2016 年 12 月 13 日Released December 13, 2016

新功能︰New features:

  • 所有 Cloud App Security 獨立授權都可讓您透過一般設定來啟用 Azure 資訊保護掃描,而不需要建立原則。All Cloud App Security standalone licenses provide you with the ability to enable Azure Information Protection scanning from the general settings (without the need to create a policy).


  • 您現在可以在檔案篩選器中使用 "or",以取得檔案和原則的檔案名和 MIME 類型篩選。You can now use "or" in the file filter for the file name and in the MIME type filter for files and policies. 這種變更可讓您在建立個人資料的原則時,輸入 "passport" 或 "driver" 這個字。This change enables scenarios such as entering the word "passport" OR "driver" when creating a policy for personal data. 篩選準則會比對檔案名中有 "passport" 或 "driver" 的任何檔案。The filter will match any file that has "passport" or "driver" in the filename.
  • 根據預設,執行 DLP 內容檢查原則時,會遮罩所產生違規中的資料。By default, when a DLP content inspection policy runs, the data in the resulting violations is masked. 您現在可以取消遮罩違規的最後四個字元。You can now unmask the last four characters of the violation.

次要改進:Minor improvements:

  • 新 Office 365 (Exchange) 信箱相關事件必須處理轉寄規則,以及新增和移除委派信箱權限。New Office 365 (Exchange) mailbox-related events having to do with forwarding rules and adding and removing delegate mailbox permissions.
  • 新事件,可在 Azure Active Directory 中稽核將同意授與新的應用程式。New event that audits the granting of consent to new apps in Azure Active Directory.

Cloud App Security 版本 85Cloud App Security release 85

發行日期 2016 年 11 月 27 日Released November 27, 2016

新功能︰New features:

  • 已區別獲批准應用程式及連線應用程式。A distinction was made between sanctioned apps and connected apps. 「獲批准」及「待批准」現在是標籤,可套用至探索到的應用程式及應用程式目錄中的任何應用程式。Sanctioning and unsanctioning is now a tag that can be applied to discovered apps and any app in the app catalog. 連線應用程式是您使用 API 連接器連線的應用程式,以便有更深入的可見度及控制。Connected apps are apps that you connected using the API connector for deeper visibility and control. 您現在可以將應用程式標記為「獲批准」或「待批准」,或在可用的情況下使用 App 連線程式將其連線。You can now tag apps as sanctioned or unsanctioned or connect them using the app connector, where available.
  • 作為此變更的一部份,[獲批准的應用程式] 頁面已由重新設計過的 [連線應用程式]**** 頁面取代,顯現出關於連接器的狀態資料。As part of this change, the Sanctioned apps page was replaced with a redesigned Connected apps page that externalizes status data about the connectors.
  • 記錄檔收集器在 [來源]**** 下的 [設定]**** 功能表內的線路中更容易存取。The log collectors are more easily accessible in their own line in the Settings menu under Sources.
  • 建立活動原則篩選時,您可以藉由在相同使用者對相同目標物件執行時選擇忽略重複的活動以減少誤判。When creating an activity policy filter, you can reduce false positives by choosing to ignore repeated activities when they're performed on the same target object by the same user. 例如,相同人員多次嘗試下載相同的檔案將不會觸發警示。For example, multiple attempts to download the same file by the same person won't trigger an alert.
  • 已改善 [活動] 下拉式清單。Improvements were made to the activity drawer. 現在,當您按一下 [活動] 下拉式清單中的 [活動物件] 時,您可以向下切入以取得更多資訊。Now, when you click on an activity object in the activity drawer, you can drill down for more information.


  • 已改善異常偵測引擎,包括不可能的移動警示,且現在可以在警示描述中看到 IP 資訊。Improvements were made to the anomaly detection engine, including the impossible travel alerts, for which IP information is now available in the alert description.
  • 已改善複雜的篩選,能夠多次新增相同的篩選來微調篩選的結果。Improvements were made to the complex filters to enable adding the same filter more than once for fine-tuning of filtered results.
  • 已分隔 Dropbox 中的檔案及資料夾活動,使可見度更佳。File and folder activities in Dropbox were separated for better visibility.

Bug 修正:Bug fixes:

  • 已修正系統警示機制中會建立誤判的 Bug。A bug in the system alerts mechanism that created false positives was fixed.

Cloud App Security 版本 84Cloud App Security release 84

發行日期 2016 年 11 月 13 日Released November 13, 2016

新功能︰New features:

  • Cloud App Security 現可支援 Microsoft Azure 資訊保護,包括強化的整合及自動佈建。Cloud App Security now supports for Microsoft Azure Information Protection including enhanced integration and autoprovisioning. 您可以使用 [標記安全分類] 篩選檔案及設定檔案原則,然後設定您想要檢視的分類標籤。You can filter your Files and set File policies using the Tag Secure Classification and then set the classification label you want to view. 標籤也會指出類別是由貴組織的人員還是其他租用戶 (外部) 的人員所設定。The labels also indicate whether the classification was set by someone in your organization or by people from another tenant (External). 您也可以根據 Azure 資訊保護分類標籤設定活動原則,並啟用自動掃描 Office 365 的分類標籤。You can also set activity policies, based on the Azure Information Protection classification labels and enable automatic scan for classification labels in Office 365. 如需如何利用此絕佳新功能的詳細資訊,請參閱與 Azure 資訊保護整合For more information on how to take advantage of this great new feature, see Integrating with Azure Information Protection.


  • 已改善 Cloud App Security 的活動記錄︰Improvements were made to the Cloud App Security activity log:
    • 安全性與相容性中心內的 Office 365 事件現已與 Cloud App Security 整合,且會出現在 [活動記錄] 中。Office 365 events from the Security and Compliance Center are now integrated with Cloud App Security and are visible in the Activity log.
    • Cloud App Security 的所有活動都在 Cloud App Security 活動記錄中作為管理活動註冊。All Cloud App Security activity is registered in the Cloud App Security activity log as administrative activity.
  • 為了協助您調查與檔案相關的警示,如今您可在每個源自檔案原則的警示中,檢視相符檔案所執行的活動清單。To help you investigate file-related alerts, in each alert that results from a file policy, you can now view the list of activities that were performed on the matched file.
  • 異常偵測引擎中的不可能移動演算法已有改善,可替小型的租用戶提供更佳的支援。The impossible travel algorithm in the anomaly detection engine was improved to provide better support for small tenants.

次要改進:Minor improvements:

  • 活動匯出限制提升至 10,000。The Activity export limit was raised to 10,000.
  • 如今您會在 Cloud Discovery 手動記錄上傳程序中建立快照集報告時,接收到精確的處理記錄所需時間預估。When creating a Snapshot report in the Cloud Discovery manual log upload process, you now receive an accurate estimate for how long the log processing will take.
  • 在檔案原則中,[移除共同作業者] 治理動作現可在群組中使用。In a file policy, the Remove collaborator governance action now works on groups.
  • [應用程式權限] 頁面有微幅改善。Minor improvements were made in the App permissions page.
  • 超過 10,000 個使用者授與連接至 Office 365 的應用程式權限時,清單載入速度即會變慢。When more than 10,000 users have granted permissions to an app that connects to Office 365, the list loaded slowly. 此緩慢問題已修正。This slowness has been fixed.
  • 已將其他屬性新增至與付款卡片產業相關的應用程式目錄Additional attributes were added to the App catalog regarding the payment card industry.

Cloud App Security 版本 83Cloud App Security release 83

發行日期:2016 年 10 月 30 日Released October 30, 2016

新功能︰New features:

  • 為了簡化活動記錄檔案記錄中的篩選功能,而合併了相似的篩選條件。To simplify filtering in the activity log and file log, similar filters have been consolidated. 使用活動篩選:[活動物件]、[IP 位址] 和 [使用者]。Use the activity filters: Activity object, IP address, and User. 使用檔案篩選條件 [共同作業者] 準確尋找您需要的內容。Use the file filter Collaborators to find exactly what you need.
  • 從隱藏式活動記錄選單中,在 [來源]**** 下按一下 [檢視未經處理資料]**** 的連結。From the activity log drawer, under Source, you can click the link for View raw data. 此動作會下載用來產生活動記錄的未經處理資料,以更進一步向下切入到應用程式事件。This action downloads the raw data used to generate the activity log for greater drill down into app events.
  • 新增 Okta 中額外登入活動的支援。Added support for additional login activities in Okta. [私人預覽][Private preview]
  • 新增 Salesforce 中額外登入活動的支援。Added support for additional login activities in Salesforce.


  • 改進 Cloud Discovery 快照集報告的可用性及疑難排解。Improved usability for Cloud Discovery snapshot reports and troubleshooting.
  • 改進警示清單中,對多個應用程式發出的警示可見度。Improved visibility in the alerts list for alerts on multiple apps.
  • 改進建立新 Cloud Discovery 連續報告時的可用性。Improved usability when creating new Cloud Discovery continuous reports.
  • 改進治理記錄的可用性。Improved usability in the Governance log.

Cloud App Security 版本 82Cloud App Security release 82

發行日期:2016 年 10 月 9 日Released October 9, 2016


  • 變更電子郵件變更密碼活動現在與 Salesforce 中的泛型管理使用者活動無關。The activities Change email and Change password are now independent from the generic Manage users activity in Salesforce.
  • 已新增 SMS 每日警示限制的釐清。Added a clarification for the SMS daily alert limit. 每個電話號碼每天 (UTC) 最多傳送 10 則訊息。A maximum of 10 messages are sent per phone number, per day (UTC).
  • 已新增憑證至取代 Safe Harbor 之「隱私盾」的 Cloud Discovery 屬性 (僅與美國廠商有關)。A new certificate was added to the Cloud Discovery attributes for Privacy Shield, which replaced Safe Harbor (relevant for US vendors only).
  • 已新增 API 連接器失敗訊息的疑難排解,讓您更輕鬆地修復問題。Troubleshooting has been added to the API connector failure messages to make it easier to remediate problems.
  • 已改善 Office 365 協力廠商應用程式掃描的更新頻率。Improvement in the update frequency of Office 365 third-party app scan.
  • 已改善 Cloud Discovery 儀表板。Improvements in the Cloud Discovery dashboard.
  • 已改善 Checkpoint Syslog 剖析器。The Checkpoint Syslog parser was improved.
  • 改善治理記錄中的禁止和取消禁止協力廠商應用程式。Improvements in the Governance Log for banning and unbanning third-party apps.

Bug 修正:Bug fixes:

  • 改善標誌上傳程序。Improved process for uploading a logo.

Cloud App Security 版本 81Cloud App Security release 81

發行日期:2016 年 9 月 18 日Released September 18, 2016


  • Cloud App Security 現在是 Office 365 中的第一方應用程式!Cloud App Security is now a first-party app in Office 365! 從現在起,只要按一下,就可以將 Office 365 連線至 Cloud App Security。From now on, you can connect Office 365 to Cloud App Security in a single click.

  • 治理記錄的新外觀 - 現在已升級成與活動記錄和檔案資料表相同的實用外觀。New look to the Governance log- it was now upgraded to the same clear a useful look as the Activity log and Files table. 使用新的篩選,輕鬆找出您的需求以及監視您的治理動作。Use the new filters to easily find what you need and monitor your governance actions.

  • 已改善異常偵測引擎的多次失敗登入和其他風險因子。Improvements were made to the anomaly detection engine for multiple failed logins and additional risk factors.

  • 已改善 Cloud Discovery 快照集報告。Improvements were made to the Cloud Discovery snapshot reports.

  • 已改善活動記錄中的管理活動;變更密碼、更新使用者、重設密碼現在指出活動是否執行為管理活動。Improvements were made to administrative activities in the activity log; Change password, Update user, Reset password now indicate whether the activity was performed as an administrative activity.

  • 已改善系統警示的警示篩選。The alert filters for system alerts were improved.

  • 警示內原則的標籤現在連結回原則報告。The label for a policy within an alert now links back to the policy report.

  • 如果未指定 Dropbox 檔案的擁有者,則會將通知電子郵件訊息傳送給您設定的收件者。If there's no owner specified for a Dropbox file, notification email messages are sent to the recipient you set.

  • Cloud App Security 支援額外的 24 種語言,以將我們的支援擴充到共 41 種語言。Cloud App Security supports an additional 24 languages extending our support to a total of 41 languages.

Cloud App Security 版本 80Cloud App Security release 80

發行日期:2016 年 9 月 4 日Released September 4, 2016


  • DLP 掃描失敗時,現在會提供 Cloud App Security 為何無法掃描檔案的解釋。When the DLP scan fails, you're now provided with an explanation of why Cloud App Security couldn't scan the file. 如需詳細資訊,請參閱內容檢查For more information, see Content Inspection.
  • 已改善異常偵測引擎,包括改善不可能的旅遊警示。Improvements were made to the anomaly detection engines, including improvements in the impossible travel alerts.
  • 已改善關閉警示體驗。Improvements were made to the dismiss alert experience. 您也可以新增意見反應,讓 Cloud App Security 小組知道警示是否相關及原因。You can also add feedback so that you can let the Cloud App Security team know whether the alert was interesting and why. 您的意見反應將用來改善 Cloud App Security 偵測。Your feedback will be used to improve the Cloud App Security detections.
  • 已增強 Cisco ASA Cloud Discovery 剖析器。The Cisco ASA Cloud Discovery parsers were improved.
  • 現在,Cloud Discovery 記錄手動上傳完成時,即可收到電子郵件通知。You now receive an email notification when your Cloud Discovery log manual upload completes.

Cloud App Security 版本 79Cloud App Security release 79

發行日期:2016 年 8 月 21 日Released August 21, 2016

新功能︰New features:

  • 新的 Cloud Discovery 儀表板 - 提供全新 Cloud Discovery 儀表板,設計目的是讓您見解如何在組織中使用雲端應用程式。New Cloud Discovery Dashboard - A brand new Cloud Discovery dashboard is available, designed to give you more insight into how cloud apps are being used in your organization. 它概述正在使用的應用程式種類、未解決的警示以及組織中應用程式的風險層級。It provides an at-a-glance overview of what kinds of apps are being used, your open alerts and the risk levels of apps in your organization. 它也可讓您知道誰是組織中的最上層應用程式使用者,並提供 App Headquarter 位置圖。It also lets you know who the top app users are in your organization and provides an App Headquarter location map. 新的「儀表板」具有多個用於篩選資料的選項,可讓您根據最感興趣的項目來產生特定檢視,並且提供容易了解的圖形,讓您一目瞭然。The new Dashboard has more options for filtering the data, to allow you to generate specific views, depending on what you're most interested in, and easy-to-understand graphics to give you the full picture at a glance.

  • 新的 Cloud Discovery 報告 - 若要檢視 Cloud Discovery 結果,您現在可以產生兩種類型的報告:快照集報告和連續報告。New Cloud Discovery reports - To view Cloud Discovery results, you can now generate two types of reports, Snapshot reports and Continuous reports. 快照集報告提供一組手動從防火牆和 Proxy 上傳之流量記錄的臨機操作可見度。Snapshot reports provide ad-hoc visibility on a set of traffic logs you manually upload from your firewalls and proxies. 連續報告顯示使用 Cloud App Security 的記錄收集器從您的網路轉送的所有記錄結果。Continuous reports show the results of all logs that are forwarded from your network using Cloud App Security's log collectors. 這些新報告提供所有資料的改良可見度、自動識別 Cloud App Security 機器學習異常偵測引擎所識別的異常使用,以及識別您使用強固且更細微原則引擎所定義的異常使用。These new reports provide improved visibility over all data, automatic identification of anomalous use as identified by the Cloud App Security machine learning anomaly detection engine, and identification of anomalous use as defined by you using the robust and granular policy engine. 如需詳細資訊,請參閱 設定 Cloud DiscoveryFor more information, see Set up Cloud Discovery.


  • 改善下列頁面中的一般使用性︰原則頁面、一般設定、郵件設定。General usability improvements in the following pages: Policy pages, General settings, Mail settings.
  • 在 [警示] 表格中,現在較容易區分讀取與未讀取警示。In the Alerts table, it's now easier to distinguish between read and unread alerts. 讀取警示的左邊會有藍色線並呈現灰色,表示您已讀取過它們。The read alerts have a blue line to the left and are grayed out to indicate that you already read them.
  • 已更新活動原則重複活動參數。The Activity policy Repeated activity parameters were updated.
  • 在 [帳戶] 頁面中,已新增使用者類型資料行,因此,您現在可以看到每個使用者所具有的使用者帳戶類型。In the Accounts page, a user Type column was added so you can now see what type of user account each user has. 使用者類型是應用程式特有的。The user types are app-specific.
  • 在 OneDrive 和 SharePoint 中,已新增檔案相關活動的近乎即時支援。Near real-time support was added for file-related activities in OneDrive and SharePoint. 檔案變更時,Cloud App Security 幾乎會立即觸發掃描。When a file changes, Cloud App Security triggers a scan almost immediately.

Cloud App Security 版本 78Cloud App Security release 78

發行日期:2016 年 8 月 7 日Released August 7, 2016


  • 從特定檔案中,您現在可以按一下滑鼠右鍵,並 [尋找相關內容]****。From a specific file, you can now right-click and Find related. 從活動記錄中,您可以使用目標物件篩選,然後選取特定檔案。From the Activity log, you can use the Target object filter then select the specific file.

  • 改善 Cloud Discovery 記錄檔剖析器 (包括新增 Juniper 和 Cisco ASA)。Improved Cloud Discovery Log file parsers, including the addition of Juniper and Cisco ASA.

  • 現在,當您關閉警示時,Cloud App Security 可讓您提供改善警示的意見。Cloud App Security now enables you to provide feedback for the improvement of alerts, when you dismiss an alert. 您可以讓我們知道為何關閉警示,來協助改善 Cloud App Security 警示功能的品質。You can help improve the quality of the Cloud App Security alert feature by letting us know why you're dismissing the alert. 例如,不感興趣、收到太多類似的警示、實際的嚴重性應該較低、警示不正確。For example, it's not interesting, you received too many similar alerts, the actual severity should be lower, the alert isn't accurate.

  • 在 [檔案原則] 檢視中,或檢視檔案時,如果您開啟隱藏式檔案選單,則已新增 [相符的原則] 的新連結。In the File policy view, or when viewing a file, when you open the file drawer, the new link to Matched policies was added. 當您按一下它時,即可檢視所有相符項目,您現在已可以全部關閉。When you click on it, you can view all the matches and you're now enabled to dismiss all.

  • 使用者所屬的組織單位現在新增至所有相關警示。The organizational unit a user belongs to is now added to all relevant alerts.

  • 現在,要讓您知道手動上傳記錄檔的處理完成時會傳送電子郵件通知。An email notification is now sent to let you know when processing completes for your manually uploaded logs.

Cloud App Security 版本 77Cloud App Security release 77

發行日期:2016 年 7 月 24 日Released July 24, 2016


  • 已改善 Cloud Discovery [匯出] 按鈕圖示的使用性。The Cloud Discovery Export button icon was improved for usability.
  • 調查活動時,如果尚未剖析使用者代理程式,則您現在可以看到未經處理資料。When investigating an activity, if the user agent wasn't parsed, you can now see the raw data.
  • 異常偵測引擎中已新增兩個新的風險因素︰Two new risk factors were added to the Anomaly Detection engine:
    • Cloud App Security 現在將殭屍網路相關 IP 位址標記和匿名 IP 位址當成風險計算的一部分。Cloud App Security now uses the IP address tags that are associated with a botnet and anonymous IP addresses as part of the calculation of Risk.
    • 現在會監視 Office 365 活動是否具有高下載率。Office 365 activity is now monitored for high-download rates. 如果 Office 365 下載率遠大於您組織 (或特定使用者) 的一般下載率,則會觸發「異常偵測」警示。If the Office 365 download rate is much higher than your organization's, or a specific user's, normal download rate, an Anomaly Detection alert is triggered.
  • Cloud App Security 現在已與新的 Dropbox 安全共用功能 API 相容。Cloud App Security is now compatible with the new Dropbox Secure Sharing functionality API.
  • 已改善將詳細資料新增至 Discovery 記錄剖析錯誤,包括:沒有雲端相關交易、所有事件都已過時、檔案損毀、記錄格式不相符。Improvements were made to add details to the Discovery log parsing errors, including: No cloud-related transactions, All events are outdated, Corrupted file, Log format doesn't match.
  • 已改善活動記錄日期篩選;它現在包含依時間進行篩選的能力。The Activity log date filter was improved; it now includes the ability to filter by time.
  • 已改善 IP 位址範圍頁面的使用性。The IP address ranges page was improved for usability.
  • Cloud App Security 現在支援 Microsoft Azure 資訊保護 (預覽版本)。Cloud App Security now includes support for Microsoft Azure Information Protection (Preview version). 您可以使用 [標記安全分類] 來篩選檔案及設定檔案原則。You can filter your Files and set File policies using the Tag Secure Classification. 然後,設定您想要檢視的分類標籤層級。Then, set the level of the classification label you want to view. 標籤也會指出類別是由貴組織的人員還是其他租用戶 (外部) 的人員所設定。The labels also indicate whether the classification was set by someone in your organization or by people from another tenant (External).

Cloud App Security 版本 76Cloud App Security release 76

發行日期:2016 年 7 月 10 日Released: July 10, 2016


  • 現在可以匯出內建報告中的使用者清單。Lists of users in built-in Reports can now be exported.
  • 改善彙總活動原則的使用性。Improved usability for aggregated activity policy.
  • 改善 TMG W3C 防火牆記錄訊息剖析器的支援。Improved support for the TMG W3C firewall log message parser.
  • 改善檔案治理動作下拉式清單的可用性,現在分成共同作業、安全性和調查動作。Improved usability for the file governance action drop-down, which is now separated into collaboration, security and investigation actions.
  • 改善 Exchange Online 活動的不可能旅遊偵測︰傳送郵件。Improved Impossible Travel detection for Exchange Online activity of: Send mail.
  • 新的標題 (軌跡) 清單已新增至 [警示] 和 [原則] 頁面頂端,方便進行瀏覽。A new list of titles (breadcrumbs) was added to the top of the Alerts and Policy pages to make navigation easier.

Bug 修正:Bug fixes:

  • 檔案原則 DLP 設定中之信用卡的預設運算式已變更為「全部︰財務︰信用卡」。The preset expression for Credit Card in the DLP setting for File Policies was changed to All: Finance: Credit Card.

Cloud App Security 版本 75Cloud App Security release 75

發行日期:2016 年 6 月 27 日Released: June 27, 2016

新功能︰New features:

  • 在不斷成長的支援 Salesforce 事件清單中新增了事件。New additions were added to our growing list of supported Salesforce events. 這些事件包括見解報告、共用連結、內容發佈、模擬登入等。Events include providing insights into reports, shared links, content distribution, impersonated login and more.
  • Cloud App Security 儀表板上的已連線應用程式圖示狀態,會與儀表板上所顯示以反映最近 30 天的應用程式狀態一致。The connected app icons on the Cloud App Security dashboard were aligned with the status of the apps as displayed on the dashboard to reflect the last 30 days.
  • 全螢幕支援。Support for full-width screens.

Bug 修正:Bug fixes:

  • SMS 警示電話號碼現在會在插入時進行驗證。SMS alert phone numbers are now validated upon insertion.

Cloud App Security 版本 74Cloud App Security release 74

發行日期:2016 年 6 月 13 日Released: June 13, 2016

  • [警示] 畫面已更新,為您提供更多資訊的概觀。The Alert screen was updated to provide you with more information at a glance. 這些更新包括能夠快速查看所有使用者活動、活動對應、相關的使用者治理記錄、觸發警示的原因描述,以及使用者頁面中的其他圖表和對應。Updates include the ability to see all user activities at a glance, a map of activities, related user governance logs, a description of the reason the alert is triggered, and additional graphs and maps from the user page.
  • Cloud App Security 產生的事件現在包括事件類型、格式、群組原則、相關的物件和描述。Events generated by Cloud App Security now include the event type, format, policy groups, related objects, and a description.
  • 針對 enterprise、OneNote、Office Online 和 Exchange Online 保護的 Office 365 應用程式,新增了新的 IP 位址標記。New IP address tags were added for Office 365 Apps for enterprise, OneNote, Office Online, and Exchange Online Protection.
  • 您現在可以選擇從主要探索功能表上傳記錄。You now have an option to upload logs from the main discovery menu.
  • IP 位址類別篩選已獲得改善。The IP address category filter was improved. Null 的 IP 位址類別現在稱為未分類。The IP address category null is now called uncategorized. 新增了稱為「沒有值」的新類別,以包含沒有 IP 位址資料的所有活動。A new category called No value was added to include all activities that have no IP address data.
  • Cloud App Security 中的安全性群組現在稱為使用者群組,以避免和 Active Directory 安全性群組混淆。Security groups in Cloud App Security are now called user groups to avoid confusion with Active Directory security groups.
  • 現在可以針對每個 IP 位址篩選,且篩選掉不含 IP 位址的事件。It's now possible to filter per IP address, and filter out events without an IP address.
  • 在活動原則與檔案原則中偵測到相符項目時,傳送通知電子郵件的設定已變更。Changes were made to the settings for notification emails sent when matches are detected in Activity Policies and File Policies. 您現在可以為您想要寄送通知副本的收件者新增電子郵件地址。You can now add email addresses for recipients you want to CC with the notification.

Cloud App Security 版本 73Cloud App Security release 73

發行日期:2016 年 5 月 29 日Released: May 29, 2016

  • 更新警示功能︰現已可為每項原則設定警示,透過電子郵件傳送或傳送簡訊。Updated alert capabilities: You can now set alerts per policy to be sent via email or sent as a text message.
  • 警示頁面︰已改善了設計,更可運用進階的解決方法選項及事件管理。Alerts page: Improved design to better enable advanced resolution options and incident management.
  • 調整原則︰您現已可利用警示,直接從警示解決方法選項移到 [原則設定] 頁面,以便更容易依警示加以調整。Adjust policy: Alerts now enable you to move from alert resolution options directly to the policy settings page to enable easier fine-tuning based on alerts.
  • 根據客戶的意見,改善了異常偵測風險分數的計算,且降低了誤判率。Improvements to anomaly detection risk score calculation and reduced false-positive rate based on customer feedback.
  • 活動記錄匯出現在包含事件識別碼、事件類別目錄與事件類型名稱。Activity log export now includes Event ID, Event Category, and Event Type Name.
  • 已改善建立原則治理動作的外觀與可用性。Improved appearance and usability of policy creation Governance Actions.
  • 已簡化 Office 365 的調查與控制 - 選擇使用 Office 365 會自動選取隸屬於 Office 365 套件的所有應用程式。Simplified investigation and control for Office 365 - Selection of Office 365 automatically selects all apps that are part of the Office 365 Suite.
  • 通知現已會傳送到連線的應用程式中所設定之電子郵件地址。Notifications are now sent to the email address as configured in the connected app.
  • 發生連線錯誤時,雲端應用程式現在提供錯誤的詳細描述。Upon connection error, a detailed description of the error is now provided by the cloud app.
  • 當檔案符合原則時,現已於檔案抽屜中提供用於存取檔案的 URL。When a file matches a policy, a URL to access the file is now provided in the file drawer.
  • 活動原則或異常偵測原則觸發警示時,會傳送新的詳細通知,提供符合項目的相關資訊。When an alert is triggered by an activity policy or an anomaly detection policy, a new detailed notification is sent that provides information about the match.
  • 中斷應用程式連接器的連線時,就會觸發自動化系統警示。An automated system alert is triggered when an app connector is disconnected.
  • 您現已可關閉及解決單一警示,或從 [警示] 頁面選取大範圍的警示。You can now dismiss and resolve a single alert or a bulk selection of alerts from within the alerts page.

Cloud App Security 版本 72Cloud App Security release 72

發行日期:2016 年 5 月 15 日Released: May 15, 2016

  • 已改善一般外觀與基礎結構,包括:General appearance and infrastructure improvements, including:

    • 有新的圖表可提供 Cloud Discovery 手動記錄上傳程序的更多協助。New diagram to provide more assistance with the Cloud Discovery manual log upload process.
    • 已改善無法辨識 (「其他」) 的記錄檔更新程序。Improved process for updating unrecognized ("Other") log files. 此程序包括讓您知道檔案需要其他檢閱的快顯視窗。This process includes a pop-up that lets you know that the file requires additional review. 您將會在資料可供使用時收到通知。You'll be notified when the data is available.
    • 調查活動與過時瀏覽器和作業系統的檔案記錄時,可反白顯示更多活動及檔案違規。More activity and file violations are highlighted when investigating an activity and file log for outdated browsers and operating systems.
  • 已改善 Cloud Discovery 記錄檔剖析器,包括加入 Cisco ASA、Cisco FWSM、Cisco Meraki 與 W3C。Improved Cloud Discovery Log file parsers, including the addition of Cisco ASA, Cisco FWSM, Cisco Meraki, and W3C.

  • 改善 Cloud Discovery 已知問題。Cloud Discovery known issue improvements.

  • 已為擁有者的網域與內部/外部聯盟加入了新的活動篩選器。New activity filters added for owner's domain and internal/external affiliation.

  • 已加入新的篩選器,您可用以搜尋任何 Office 365 物件 (檔案、資料夾、URL)。A new filter was added that enables you to search for any Office 365 object (files, folders, URLs).

  • 已加入一項功能,可設定異常偵測原則的最低風險分數。The ability was added to configure a minimal risk score for Anomaly detection policies.

  • 當您設定在違反原則時要傳送警示,現已可設定您要接到警示的最低嚴重性等級。When you set an alert to be sent when a policy is violated, you can now set a minimum severity level for which you want to be alerted. 您可以選擇為此使用貴組織的預設值,您可以設定特定的警示設定作為您組織的預設值。You can choose to use your organization's default setting for this and you can set a specific alert setting as the default for your organization.

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.