Microsoft Cloud App Security 的新功能What's new with Microsoft Cloud App Security

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

此文章會經常更新,讓您知道最新版 Cloud App Security 的新功能。This article is updated frequently to let you know what's new in the latest release of Cloud App Security.

RSS 摘要:將下列 URL 複製並貼上至您的摘要讀取器中,以在本頁更新時收到通知:https://docs.microsoft.com/api/search/rss?search=%22This+article+is+updated+frequently+to+let+you+know+what%27s+new+in+the+latest+release+of+Cloud+App+Security%22&locale=en-usRSS feed: Get notified when this page is updated by copying and pasting the following URL into your feed reader: https://docs.microsoft.com/api/search/rss?search=%22This+article+is+updated+frequently+to+let+you+know+what%27s+new+in+the+latest+release+of+Cloud+App+Security%22&locale=en-us

Cloud App Security 版本 182 與 183Cloud App Security release 182 and 183

發行日期:2020 年 9 月 6 日Released September 6, 2020

  • Azure 入口網站的存取與工作階段控制 GAAccess and session controls for Azure portal GA
    現已正式推出 Azure 入口網站的條件式存取應用程式控制。Conditional Access App Control for the Azure portal is now generally available. 如需設定這些控制的詳細資訊,請參閱部署指南For information about configuring these controls, see the Deployment guide.

Cloud App Security 181 版Cloud App Security release 181

發行日期:2020 年 8 月 9 日Released August 9, 2020

  • 全新 Cloud Discovery Menlo 安全性記錄檔剖析器New Cloud Discovery Menlo Security log parser
    Cloud App Security Cloud Discovery 會分析各種流量記錄,用於對應用程式進行排名和評分。Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. 現在 Cloud Discovery 含有內建的記錄剖析器,可支援 Menlo Security CEF 格式。Now Cloud Discovery includes a built-in log parser to support the Menlo Security CEF format. 如需支援的記錄剖析器清單,請參閱支援的防火牆與 ProxyFor a list of supported log parsers, see Supported firewalls and proxies.

  • Azure Active Directory (AD) Cloud App Discovery 名稱會顯示在入口網站中Azure Active Directory (AD) Cloud App Discovery name displays in portal
    針對 Azure AD P1 及 P2 授權,我們已將入口網站中的產品名稱更新為 Cloud App DiscoveryFor Azure AD P1 and P2 licenses, we've updated the product name in the portal to Cloud App Discovery. 深入了解 Cloud App DiscoveryLearn more about Cloud App Discovery.

Cloud App Security 179 與 180 版Cloud App Security release 179 and 180

2020 年 7 月 26 日發行Released July 26, 2020

  • 新增異常偵測:可疑的 OAuth 應用程式檔案下載活動New anomaly detection: Suspicious OAuth app file download activities
    我們擴大了異常偵測範圍,以包含 OAuth 應用程式下載的可疑活動。We've extended our anomaly detections to include suspicious download activities by an OAuth app. 您可立即使用新的偵測,並且可以自動啟用偵測功能,以在 OAuth 應用程式從 Microsoft SharePoint 或 Microsoft OneDrive 下載多個檔案,但使用對使用者來說異常的方式時發出警示。The new detection is now available out-of-the-box and automatically enabled to alert you when an OAuth app downloads multiple files from Microsoft SharePoint or Microsoft OneDrive in a manner that is unusual for the user.

  • 使用 Proxy 快取改善工作階段控制的效能 (逐步推出)Performance improvements using proxy caching for Session Controls (gradual rollout)
    我們透過改善內容快取機制,更加改進了工作階段控制的效能。We've made additional performance improvements to our session controls, by improving our content caching mechanisms. 改善後的服務更加簡化,並可在使用工作階段控制時提高回應能力。The improved service is even more streamlined and provides increased responsiveness when using session controls. 請注意,工作階段控制不會對私人內容進行快取,而是與適當標準一致,僅快取共用 (公用) 內容。Note that session controls do not cache private content, aligning with the appropriate standards to only cache shared (public) content. 如需詳細資訊,請參閱工作階段控制的運作方式For more information, see How session control works.

  • 新功能:儲存安全性設定查詢New feature: Save security configuration queries
    我們新增了為 Azure、Amazon Web Services (AWS) 和 Google Cloud Platform (GCP) 的安全性設定儀表板篩選儲存查詢的功能。We've added the ability to save queries for our security configuration dashboard filters for Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). 藉由重複使用常用的查詢,有助您更輕鬆地進行日後的調查。This can help make future investigations even simpler by reusing common queries. 深入了解安全性設定建議Learn more about Security configuration recommendations.

  • 增強的異常偵測警示Enhanced anomaly detection alerts
    我們增加了為異常偵測警示提供的資訊,以包含相對應 MITRE ATT&CK 策略的對應。We've extended the information we provide for anomaly detection alerts to include a mapping to the corresponding MITRE ATT&CK tactic. 這項對應將協助您了解攻擊的階段和影響,並協助您進行調查。This mapping will help you understand the phase and impact of the attack and assist with your investigations. 深入了解如何調查異常偵測警示Learn more about How to investigate anomaly detection alerts.

  • 已增強偵測邏輯:勒索軟體活動Enhanced detection logic: Ransomware activity
    我們更新了勒索軟體活動的偵測邏輯,以提供改善的正確性並減少警示量。We've updated the detection logic for Ransomware activity to provide improved accuracy and reduced alert volume. 如需此異常偵測原則的詳細資訊,請參閱勒索軟體活動For more information about this anomaly detection policy, see Ransomware activity.

  • 身分識別安全性狀態報表:標籤可見度Identity Security Posture reports: Tags visibility
    我們已將實體標籤新增至身分身分識別安全性狀態報表,以提供有關實體的其他見解。We've added entity tags to Identity Security Posture reports providing additional insights about entities. 例如,敏感性標籤有助您識別風險性使用者,並設定調查的優先順序。For example, the Sensitive tag can help you identify risky users and prioritize your investigations. 深入了解調查風險性使用者Learn more about Investigating risky users.

Cloud App Security 178 版Cloud App Security release 178

2020 年 6 月 28 日發行Released June 28, 2020

  • Google Cloud Platform 的新安全性設定 (逐步推出)New security configurations for Google Cloud Platform (gradual rollout)
    我們根據 GCP CIS 基準擴充了多雲端安全性設定,以提供 Google Cloud Platform 的安全性建議。We've expanded our multi-cloud security configurations to provide security recommendations for Google Cloud Platform, based on the GCP CIS benchmark. 有了這個新功能,Cloud App Security 讓組織只要透過一個檢視,就能監視所有雲端平台的合規性狀態,包括 Azure 訂用帳戶AWS 帳戶,以及如今的 GCP 專案With this new capability, Cloud App Security provides organizations with a single view for monitoring the compliance status across all cloud platforms, including Azure subscriptions, AWS accounts, and now GCP projects.

  • 新的應用程式連接器現已 GANew app connectors GA
    我們在正式推出的 API 連接器組合中新增了下列應用程式連接器,讓您能夠更了解並掌控應用程式在組織中的使用方式:We've added the following app connectors to our portfolio of generally available API connectors, giving you more visibility into and control over how your apps are used in your organization:

  • 新的即時惡意程式碼偵測現已 GANew real-time malware detection GA
    我們擴充了工作階段控制,以在檔案上傳或下載時使用 Microsoft 威脅情報偵測潛在的惡意程式碼。We've expanded our session controls to detect potential malware using Microsoft Threat Intelligence upon file uploads or downloads. 新的偵測現已推出且現成可用,能設定成自動封鎖辨識為潛在惡意程式碼的檔案。The new detection is now generally available out-of-the-box and can be configured to automatically block files identified as potential malware. 如需詳細資訊,請參閱在上傳時封鎖惡意程式碼For more information, see Block malware on upload.

  • 使用任何 IdP 的增強型存取及工作階段控制現已 GAEnhanced access and session controls with any IdP GA
    設定了任何識別提供者的 SAML 應用程式,現已正式支援存取及工作階段控制。Access and session controls support for SAML apps configured with any identity provider is now generally available. 如需設定這些控制的詳細資訊,請參閱部署指南For information about configuring these controls, see the Deployment guide.

  • 具風險的機器調查增強功能Risky machine investigation enhancement
    Cloud App Security 提供了在影子 IT 探索調查過程中識別具風險機器的能力。Cloud App Security provides the ability to identify risky machines as part of your shadow IT discovery investigation. 現在,我們在 [機器] 頁面新增了 Microsoft Defender 進階威脅防護的 [機器風險層級],讓分析師在調查組織中的機器時更了解脈絡。Now, we've added the Microsoft Defender Advanced Threat Protection Machine risk level to the machines page giving analysts more context when investigating machines in your organization. 如需詳細資訊,請參閱在 Cloud App Security 中調查機器 (機器翻譯)。For more information, see Investigate machines in Cloud App Security.

  • 新功能:自助停用應用程式連接器 (逐步推出)New feature: Self-service disable app connector (gradual rollout)
    我們新增了在 Cloud App Security 中直接停用應用程式連接器的功能。We've added the ability to disable app connectors directly in Cloud App Security. 如需詳細資訊,請參閱停用應用程式連接器 (機器翻譯)。For more information, see Disable app connectors.

Cloud App Security 177 版Cloud App Security release 177

2020 年 6 月 14 日發行Released June 14, 2020

  • 新的即時惡意程式碼偵測 (預覽、逐步推出)New real-time malware detection (preview, gradual rollout)
    我們擴充了工作階段控制,以在檔案上傳或下載時使用 Microsoft 威脅情報偵測潛在的惡意程式碼。We've expanded our session controls to detect potential malware using Microsoft Threat Intelligence upon file uploads or downloads. 新的偵測現已可用,並可進行設定,自動封鎖辨識為潛在惡意程式碼的檔案。The new detection is now available out-of-the-box and can be configured to automatically block files identified as potential malware. 如需詳細資訊,請參閱在上傳時封鎖惡意程式碼For more information, see Block malware on upload.

  • 新增存取與工作階段控制的存取權杖支援New access token support for access and session controls
    我們已新增針對存取與工作階段控制將應用程式上線時,將存取權杖與程式碼要求視為登入的功能。We've added the ability to treat access token and code requests as logins when onboarding apps to access and session controls. 若要使用權杖,請按一下設定齒輪圖示,選取 [條件式存取應用程式控制],編輯相關的應用程式 (三個點功能表 > [編輯應用程式]),選取 [將存取權杖與程式碼要求視為應用程式登入],然後按一下 [儲存]。To use tokens, click the settings cog icon, select Conditional Access App Control, edit the relevant app (three dots menu > Edit app), select Treat access token and code requests as app logins, and then click Save. 如需將應用程式上線的詳細資訊,請參閱將任何應用程式上線並進行部署部署精選應用程式For more information about onboarding apps, see Onboard and deploy any app and Deploy featured apps.

  • 增強工作階段控制的 Proxy URL 尾碼 (逐漸推出)Enhanced proxy URL suffix for session controls (gradual rollout)
    已從 2020 年 6 月 7 日起逐步推出增強 Proxy 工作階段控制,以使用不包含具名區域的統一尾碼。On June 7, 2020, we started gradually rolling out our enhanced proxy session controls to use one unified suffix that doesn't include named regions. 例如,使用者將會看見 <AppName>.mcas.ms 尾碼,而非 <AppName>.<Region>.cas.msFor example, users will see <AppName>.mcas.ms suffix instead of <AppName>.<Region>.cas.ms. 若您會定期將網路設備或閘道中的網域加入封鎖清單,請務必將所有列在存取與工作階段控制下的網域加入允許清單。If you routinely block list domains in your network appliances or gateways, make sure you allow list all the domains listed under Access and session controls.

  • 新文件New documentation
    Cloud App Security 文件已擴充並包含下列新內容:Cloud App Security documentation has been expanded to include the following new content:

    • 使用 Cloud App Security REST API :了解我們的 API 功能,並開始整合您的應用程式與 Cloud App Security。Using the Cloud App Security REST API: Learn about our API capabilities and start integrating your applications with Cloud App Security.
    • 調查異常偵測警示 :熟悉可用的 UEBA 警示、其意義、找出所造成的風險、了解缺口的範圍,以及您可以採取哪些動作來補救這種情況。Investigate anomaly detection alerts: Get familiar with the available UEBA alerts, what they mean, identify the risk they pose, understand the scope of a breach, and the action you can take remediate the situation.

Cloud App Security 176 版Cloud App Security release 176

2020 年 5 月 31 日發行Released May 31, 2020

  • 新的活動隱私權功能New activity privacy feature
    我們已透過提供將活動設為私人的能力,以增強用更細微方式來決定所要監視使用者的能力。We've enhanced your ability to granularly determine which users you want to monitor with the ability to make activities private. 這項新功能可供以根據預設會隱藏活動的群組成員資格為基礎來指定使用者。This new feature enables you to specify users based on group membership whose activities will be hidden by default. 只有經過授權的系統管理員可選擇檢視這些私人活動,並在治理記錄中稽核每個執行個體。Only authorized admins have the option to choose to view these private activities, with each instance being audited in the governance log. 如需詳細資訊,請參閱活動隱私權For more information, see Activity privacy.

  • 與 Azure Active Directory (Azure AD) 資源庫的新整合New integration with Azure Active Directory (Azure AD) Gallery
    我們已利用與 Azure AD 的原生整合,以供可在雲端應用程式目錄中直接從應用程式巡覽至其對應的 Azure AD 資源庫應用程式,並在資源庫中進行管理。We've leveraged our native integration with Azure AD to give you the ability to navigate directly from an app in the Cloud App Catalog to its corresponding Azure AD Gallery app, and manage it in the gallery. 如需詳細資訊,請參閱使用 Azure AD 資源庫管理應用程式For more information, see Manage apps with Azure AD Gallery.

  • 在所選取原則中提供新的意見反應選項New feedback option available in selected policies
    我們想要收到意見反應及了解可提供的協助。We're interested in receiving your feedback and learning how we can help. 所以,現在新的意見反應對話方塊提供機會在建立、修改或刪除檔案、異常偵測或工作階段原則時協助改善 Cloud App Security。So now a new feedback dialog gives you the opportunity to help improve Cloud App Security, when creating, modifying, or deleting a file, anomaly detection, or session policy.

  • 增強工作階段控制的 Proxy URL 尾碼 (逐漸推出)Enhanced proxy URL suffix for session controls (gradual rollout)
    從 2020 年 6 月 7 日開始,將逐步推出增強 Proxy 工作階段控制,以使用不包含具名區域的統一尾碼。Starting June 7, 2020, we are gradually rolling out our enhanced proxy session controls to use one unified suffix that doesn't include named regions. 例如,使用者將會看見 <AppName>.mcas.ms 尾碼,而非 <AppName>.<Region>.cas.msFor example, users will see <AppName>.mcas.ms suffix instead of <AppName>.<Region>.cas.ms. 若您會定期將網路設備或閘道中的網域加入封鎖清單,請務必將所有列在存取與工作階段控制下的網域加入允許清單。If you routinely block list domains in your network appliances or gateways, make sure you allow list all the domains listed under Access and session controls.

  • 改善工作階段控制的效能 (逐步推出)Performance improvements for Session Controls (gradual rollout)
    我們已對 Proxy 服務的網路效能進行大幅度改善。We've made significant network performance improvements to our proxy service. 改善後的服務更加簡化,並可在使用工作階段控制時提高回應能力。The improved service is even more streamlined and provides increased responsiveness when using session controls.

  • 新的風險性活動偵測:異常登入失敗New risky activity detection: Unusual failed logon
    我們擴充了目前偵測具風險行為的功能。We've expanded our current capability to detect risky behavior. 新的偵測現在已現成可用且會自動啟用,以在識別異常登入嘗試失敗時發出警示。The new detection is now available out-of-the-box and automatically enabled to alert you when an unusual failed login attempt is identified. 異常的登入嘗試失敗可能表示潛在「密碼噴灑」暴力密碼破解攻擊 (也稱為「低階及緩慢」方法)。Unusual failed login attempts may be an indication of a potential password-spray brute force attack (also known as the low and slow method). 這種偵測會影響使用者的整體調查優先順序分數This detection impacts the overall investigation priority score of the user.

  • 增強的表格體驗Enhanced table experience
    我們新增了重新調整表格欄位寬度的功能,您可加寬或縮小欄位來自訂及改善檢視表格的方式。We've added the ability to resize table column widths so that you can widen or narrow columns to customize and improve the way you view tables. 您也可以透過選取表格設定功能表,並選擇 [預設寬度] 來還原原始版面配置。You also have the option to restore the original layout by selecting the table settings menu and choosing Default width.

Cloud App Security 175 版Cloud App Security release 175

2020 年 5 月 17 日發行Released May 17, 2020

  • 新增整合 Corrata 的影子 IT 探索 (預覽)New Shadow IT Discovery integration with Corrata (preview)
    我們新增了 Corrata 的原生整合,讓您透過存取應用程式,在使用及控制應用程式時能看到影子 IT。We've added native integration with Corrata providing you with Shadow IT visibility into app use and control over app access. 如需詳細資訊,請參閱整合 Cloud App Security 與 CorrataFor more information, see Integrate Cloud App Security with Corrata.

  • 新的 Cloud Discovery 記錄剖析器New Cloud Discovery log parsers
    Cloud App Security Cloud Discovery 會分析各種流量記錄,用於對應用程式進行排名和評分。Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. 現在 Cloud Discovery 含有內建的記錄剖析器,可支援 Corrata 與 Cisco ASA 的 FirePOWER 6.4 記錄格式。Now Cloud Discovery includes a built-in log parser to support Corrata and Cisco ASA with FirePOWER 6.4 log formats. 如需支援的記錄剖析器清單,請參閱支援的防火牆與 ProxyFor a list of supported log parsers, see Supported firewalls and proxies.

  • 增強型儀表板 (逐步推出) 此為我們入口網站設計持續改進的一部分,現在正逐漸推出改良的 Cloud App Security 儀表板。Enhanced dashboard (gradual rollout) As part of our ongoing improvements to the portal design, we are now gradually rolling out the improved Cloud App Security dashboard. 儀表板已依據您的意見反應改良,並提供具有更新內容與資料的增強型使用者體驗。The dashboard has been modernized based on your feedback and offers an enhanced user experience with updated content and data. 如需詳細資訊,請參閱增強型儀表板的漸進式部署For more information, see Gradual deployment of our enhanced dashboard.

  • 增強型控管:確認使用者遭盜用的異常偵測Enhanced governance: Confirm User Compromised for anomaly detections
    我們擴充了目前的異常原則治理動作,以納入確認使用者遭盜用,讓您能夠主動保護環境並防範可疑的使用者活動。We've expanded our current governance actions for anomaly policies to include Confirm User Compromised allowing you to proactively protect your environment from suspicious user activity. 如需詳細資訊,請參閱活動控管動作For more information, see Activity governance actions.

Cloud App Security 173 與 174 版Cloud App Security release 173 and 174

發行日期:2020 年 4 月 26 日Released April 26, 2020

  • 新的 SIEM 代理程式 CEF 格式警示New SIEM agent CEF format for alerts
    我們為了在一般 SIEM 伺服器所使用的 CEF 檔案中提供豐富的警示資訊,而擴充了格式,以加入下列用戶端欄位:As part of our effort to enrich the alert information provided in the CEF files used by generic SIEM servers, we've extended the format to include the following client fields:
    • IPv4 位址IPv4 address

    • IPv6 位址IPv6 address

    • IP 位址位置IP address location

      如需詳細資訊,請參閱 CEF 檔案格式For more information, see CEF file format.

  • 已增強偵測邏輯:不可能的移動Enhanced detection logic: Impossible travel
    我們已更新不可能的移動的偵測邏輯,以提供改善的正確性並減少警示量。We've updated the detection logic for impossible travel to provide improved accuracy and reduced alert volume. 如需有關此異常偵測原則的詳細資訊,請參閱不可能的移動For more information about this anomaly detection policy, see Impossible travel.

Cloud App Security 172 版Cloud App Security release 172

發行日期:2020 年 4 月 5 日Released April 5, 2020

  • 使用任何 IdP 的增強型存取與工作階段控制 (預覽)Enhanced access and session controls with any IdP (preview)
    存取與工作階段控制現在支援使用任何識別提供者所設定的 SAML 應用程式。Access and session controls now support SAML apps configured with any identity provider. 這個新功能的公開預覽現正逐漸推出。若要設定這些控制措施,請參閱部署指南The public preview of this new feature is now gradually rolling out. To configure these controls, see the Deployment guide.
  • 使用者與電腦的新大量去匿名化New bulk deanonymization of users and machines
    我們擴充並簡化了一或多個調查中使用者與機器的去匿名化流程。We've expanded and simplified the process of deanonymizing one or more users and machines under investigation. 如需大量去匿名化的詳細資訊,請參閱資料匿名化的運作方式For more information about bulk deanonymization, see How data anonymization works.

Cloud App Security 170 與 171 版Cloud App Security release 170 and 171

發行日期:2020 年 3 月 22 日Released March 22, 2020

  • 新增異常偵測:雲端資源的不尋常區域 (預覽)New anomaly detection: Unusual region for cloud resource (preview)
    我們擴充了目前為 AWS 偵測異常行為的功能。We've expanded our current capability to detect anomalous behavior for AWS. 新的偵測現在已現成可用,而且會自動啟用以在於 AWS 區域中建立資源 (通常不會執行此活動) 時發出警示通知您。The new detection is now available out-of-the-box and automatically enabled to alert you when a resource is created in an AWS region where the activity is not normally performed. 攻擊者通常會利用組織的 AWS 信用額度來執行惡意活動,例如密碼編譯採礦。Attackers often leverage an organization's AWS credits to perform malicious activities such as crypto-mining. 偵測這種異常行為有助於減輕攻擊。Detecting such anomalous behavior can help mitigate an attack.

  • 適用於 Microsoft Teams 的新活動原則範本New activity policy templates for Microsoft Teams
    Cloud App Security 現在提供下列新的活動原則範本,可讓您在 Microsoft Teams 中偵測潛在的可疑活動:Cloud App Security now provides the following new activity policy templates enabling you to detect potentially suspicious activities in Microsoft Teams:

    • 存取層級變更 (Teams): 當小組的存取層級從私人變更為公用時會發出警示。Access level change (Teams): Alerts when a team's access level is changed from private to public.
    • 新增了外部使用者 (Teams): 當有外部使用者新增至小組時會發出警示。External user added (Teams): Alerts when an external user is added to a team.
    • 大量刪除 (Teams): 當使用者刪除大量小組時會發出警示。Mass deletion (Teams): Alerts when a user deletes a large number of teams.
  • Azure Active Directory (Azure AD) Identity Protection IntegrationAzure Active Directory (Azure AD) Identity Protection Integration
    您現在可以控制內嵌到 Cloud App Security 之 Azure AD Identity Protection 警示的嚴重性。You can now control the severity of Azure AD Identity Protection alerts that are ingested into Cloud App Security. 此外,如果您尚未啟用 Azure AD 有風險的登入偵測,則會自動啟用偵測以內嵌高嚴重性警示。Additionally, if you haven't already enabled the Azure AD Risky sign-in detection, the detection will be automatically enabled to ingest high severity alerts. 如需詳細資訊,請參閱 Azure Active Directory Identity Protection 整合For more information, see Azure Active Directory Identity Protection integration.

Cloud App Security 169 版Cloud App Security release 169

發行日期:2020 年 3 月 1 日Released March 1, 2020

  • 新的 Workday 偵測New detection for Workday
    我們擴充了目前的 Workday 異常行為警示。We've expanded our current anomalous behavior alerts for Workday. 新警示包含下列使用者地理位置偵測:The new alerts include the following user geolocation detections:

  • 增強 Salesforce 記錄收集Enhanced Salesforce log collection
    Cloud App Security 現在已可支援 Salesforce 的每小時事件記錄。Cloud App Security now supports Salesforce's hourly event log. 每小時事件記錄可以更快並近乎即時地監視使用者活動。Hourly event logs give you accelerated, near real-time monitoring of user activities. 如需詳細資訊,請參閱連線到 SalesforceFor more information, see Connect Salesforce.

  • 支援使用主帳戶的 AWS 安全性設定Support for AWS security configuration using a master account
    Cloud App Security 現在已可支援使用主帳戶。Cloud App Security now supports using a master account. 連接您的主帳戶讓您可以接收所有區域中,所有成員帳戶的安全性建議。Connecting your master account allows you to receive security recommendations for all member accounts across all regions. 如需如何連線到主帳戶的詳細資訊,請參閱如何連接 AWS 安全性設定與 Cloud App SecurityFor more information about connecting with a master account, see How to connect AWS Security configuration to Cloud App Security.

  • 支援新式瀏覽器的工作階段控制Session controls support for modern browsers
    Cloud App Security 的工作階段控制現在已可支援採用 Chromium 的新 Microsoft Edge 瀏覽器。Cloud App Security session controls now includes support for the new Microsoft Edge browser based on Chromium. 我們仍會為最新幾版的 Internet Explorer 及舊版的 Microsoft Edge 提供有限的支援,建議使用新的 Microsoft Edge 瀏覽器。Whilst we'll continue supporting the most recent versions of Internet Explorer and the legacy version of Microsoft Edge, the support will be limited and we recommend using the new Microsoft Edge browser.

Cloud App Security 165、166、167 與 168 版Cloud App Security release 165, 166, 167, and 168

發行日期:2020 年 2 月 16 日Released February 16, 2020

  • 使用 Microsoft Defender ATP 新增封鎖待批准的應用程式New block unsanctioned apps with Microsoft Defender ATP
    Cloud App Security 已擴充其與 Microsoft Defender 進階威脅防護 (ATP) 的原生整合。Cloud App Security has extended its native integration with Microsoft Defender Advanced Threat Protection (ATP). 您現在可以使用 Microsoft Defender ATP 的網路保護功能,來封鎖對標示為待批准之應用程式的存取。You can now block access to apps marked as unsanctioned using Microsoft Defender ATP's network protection capability. 如需詳細資訊,請參閱封鎖存取待批准的雲端應用程式For more information, see Block access to unsanctioned cloud apps.

  • 新增 OAuth 應用程式異常偵測New OAuth app anomaly detection
    我們擴充了目前偵測惡意 OAuth 應用程式同意的功能。We've expanded our current capability to detect malicious OAuth app consent. 新的偵測現可立即使用且會自動啟用,以便在您的環境中有潛在惡意的 OAuth 應用程式獲得授權時,向您發出警示。The new detection is now available out-of-the-box and automatically enabled to alert you when a potentially malicious OAuth app is authorized in your environment. 此偵測會利用 Microsoft 安全性研究與威脅情報專業知識來識別惡意應用程式。This detection leverages Microsoft security research and threat intelligence expertise to identify malicious apps.

  • 記錄收集器更新Log collector updates
    以 Docker 為基礎的記錄收集器已使用下列重要更新來增強:The Docker-based log collector was enhanced with the following important updates:

    • 容器 OS 版本升級Container OS version upgrade

    • Java 安全性弱點修補程式Java security vulnerabilities patches

    • Syslog 服務升級Syslog service upgrade

    • 穩定性與效能提升Stability and performance improvements

      強烈建議您將環境升級至這個新版本。We strongly recommend that you upgrade your environment to this new version. 如需詳細資訊,請參閱記錄收集器部署模式For more information, see Log collector deployment modes.

  • 支援 ServiceNow New YorkSupport for ServiceNow New York
    Cloud App Security 現在支援 ServiceNow 的最新版本 (New York)。Cloud App Security now supports the latest version (New York) of ServiceNow. 若要了解如何保護 ServiceNow,請參閱將 ServiceNow 連線至 Microsoft Cloud App SecurityTo learn about securing ServiceNow, see Connect ServiceNow to Microsoft Cloud App Security.

  • 已增強偵測邏輯:不可能的移動Enhanced detection logic: Impossible travel
    我們已更新進行不可能移動的偵測邏輯,以提供增強的涵蓋範圍與更好的精確度。We've updated the detection logic for impossible travel to provide enhanced coverage and better accuracy. 在此更新過程中,我們也更新了從公司網路進行不可能移動的偵測邏輯。As part of this update, we also updated the detection logic for impossible travel from corporate networks.

  • 新增活動原則的閾值New threshold for activity policies
    我們新增了活動原則的閾值,可協助您管理警示的數量。We've added a threshold for activity policies to help you manage the volume of alerts. 系統會自動停用在數天內觸發大量相符項目的原則。Policies that trigger a large volume of matches for several days are automatically disabled. 如果您收到有關這點的系統警示,則應嘗試透過新增其他篩選條件來縮小原則範圍,或者,如果您將原則用於報告用途,請考慮改為將其儲存為查詢。If you receive a system alert about this, you should try refining policies by adding additional filters or, if you are using policies for reporting purposes, consider saving them as queries instead.

Cloud App Security 版本 162、163 與 164Cloud App Security release 162, 163, and 164

發行日期:2019 年 12 月 8 日Released December 8, 2019

  • 變更為 CEF 格式的 SIEM 活動和警示Change to SIEM activities and alerts in CEF format
    由 Cloud App Security 傳送給 SIEM 的活動與警示資訊的入口網站 URL 格式 (CS1) 已變更為 https://<tenant_name>.portal.cloudappsecurity.com,且不再包含資料中心位置。The portal URL format (CS1) for activity and alert information sent by Cloud App Security to SIEMs has changed to https://<tenant_name>.portal.cloudappsecurity.com and no longer contains the data center location. 針對入口網站 URL 使用模式比對的客戶應更新模式以反映此變更。Customers using pattern matching for the portal URL should update the pattern to reflect this change.

Cloud App Security 版本 160 和 161Cloud App Security release 160 and 161

發行日期:2019 年 11 月 3 日Released November 3, 2019

  • 探索 Azure Sentinel 中的資料 (預覽)Discovery data in Azure Sentinel (preview)
    Cloud App Security 現在與 Azure Sentinel 整合。Cloud App Security now integrates with Azure Sentinel. 與 Azure Sentinel 共用警示和探索資料提供了以下優點:Sharing alert and discovery data with Azure Sentinel provides the following benefits:

    • 實現探索資料與其他資料來源的相互關聯,來獲得更深入的分析。Enable correlation of discovery data with other data sources for deeper analysis.

    • 利用現成的儀表板在 Power BI 中檢視資料,或是建置自己的視覺效果。View data in Power BI with out-of-the-box dashboards or build your own visualizations.

    • 利用 Azure 監視器記錄享有更長的保留期間。Enjoy longer retention periods with Log Analytics.

    如需詳細資訊,請參閱 Azure Sentinel 整合For more information, see Azure Sentinel integration.

  • Google Cloud Platform 連接器 (預覽)Google Cloud Platform connector (preview)
    Cloud App Security 正在將其 IaaS 監視功能延伸到 Amazon Web Services 與 Azure 之外,且現在支援 Google Cloud Platform。Cloud App Security is extending its IaaS monitoring capabilities beyond Amazon Web Services and Azure and now supports Google Cloud Platform. 這可讓您使用 Cloud App Security 順暢地連線及監視所有 GCP 工作負載。This enables you to seamlessly connect and monitor all your GCP workloads with Cloud App Security. 連線會為您提供一組強大的工具來保護 GCP 環境,其中包括:The connection provides you with a powerful set of tools to protect your GCP environment, including:

    • 透過管理主控台和 API 呼叫所執行全部活動的可見度。Visibility into all activities performed through the admin console and API calls.

    • 能夠對具風險事件建立自訂原則和使用預先定義的範本。Ability to create custom policies and use predefined templates to alert on risky events.

    • GCP 的所有活動均由我們的異常偵測引擎涵蓋,並會自動警示任何可疑的行為,例如不可能的移動、可疑的群體活動以及來自新國家/地區的活動。All GCP activities are covered by our anomaly detection engine and will automatically alert on any suspicious behavior, such as impossible travel, suspicious mass activities, and activity from a new country.

    如需詳細資訊,請參閱將 Google Cloud Platform 連線至 Microsoft Cloud App SecurityFor more information, see Connect Google Cloud Platform to Microsoft Cloud App Security.

  • 新原則範本New policy templates
    Cloud App Security 現在包含新的內建活動原則範本,可用於 Google Cloud Platform 安全性最佳做法。Cloud App Security now includes new built-in Activity policy templates for Google Cloud Platform security best practices.

  • 增強的 Cloud Discovery 記錄剖析器Enhanced Cloud Discovery log parser
    Cloud App Security Cloud Discovery 會分析各種流量記錄,用於對應用程式進行排名和評分。Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Cloud Discovery 的內建記錄剖析器現在支援 Ironport WSA 10.5.1 記錄格式。Now Cloud Discovery's built-in log parser supports the Ironport WSA 10.5.1 log format.

  • 工作階段控制的可自訂使用者登陸頁面Customizable user landing page for session controls
    我們已推出的功能可讓系統管理員將登陸頁面個人化,讓使用者能在瀏覽至工作階段原則所套用的應用程式時看到個人化的登陸頁面。We've launched the ability for admins to personalize the landing page that your users see when navigating to a app that a Session policy is applied to. 您現在可以顯示組織的標誌,以及自訂顯示的訊息。You can now display your organization's logo and customize the message shown. 若要開始自訂,請前往 [設定] 頁面,接著在 [Cloud Access App Control] (雲端存取應用程式控制) 中選取 [使用者監視]。To start customizing, go to the Settings page, and under Cloud Access App Control, select User monitoring.

  • 新增偵測New detections

    • 可疑的 AWS 登入服務變更 (預覽) :當有使用者對 CloudTrail 記錄服務進行變更時向您發出警示。Suspicious AWS logging service changes (preview): Alerts you when a user makes changes to the CloudTrail logging service. 舉例來說,攻擊者經常會關閉 CloudTrail 中的稽核來隱藏其攻擊的痕跡。For example, attackers often turn off auditing in CloudTrail to hide the footprints of their attack.

    • 多 VM 建立活動:當使用者執行數目異常的 VM 建立活動 (相較於已學到的基準) 時顯示警示通知您。Multiple VM creation activities: Alerts you when a user performs an unusual number of VM creation activities, compared to the learned baseline. 現在適用於 AWS。Now applies to AWS.

Cloud App Security 159 版Cloud App Security release 159

發行日期:2019 年 10 月 6 日Released October 6, 2019

  • 新的 Cloud Discovery ContentKeeper 記錄剖析器New Cloud Discovery ContentKeeper log parser
    Cloud App Security Cloud Discovery 會分析各種流量記錄,用於對應用程式進行排名和評分。Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. 現在 Cloud Discovery 含有內建的記錄剖析器,可支援 ContentKeeper 記錄格式。Now Cloud Discovery includes a built-in log parser to support ContentKeeper log formats. 如需支援的記錄剖析器清單,請參閱支援的防火牆與 ProxyFor a list of supported log parsers, see Supported firewalls and proxies.

  • 新增偵測New Detections
    現在預設提供下列新的異常偵測原則,而且這些原則會自動啟用:The following new anomaly detection policies are available out-of-the-box and automatically enabled:

    • 可疑的電子郵件刪除活動 (預覽)Suspicious email deletion activity (preview)
      當使用者執行不尋常的電子郵件刪除活動時顯示警示通知您。Alerts you when a user performs unusual email deletion activities. 此原則可協助您偵測可能被潛在攻擊向量 (例如電子郵件上的命令與控制通訊 (C&C/C2)) 所入侵的使用者信箱。This policy can help you detect user mailboxes that may be compromised by potential attack vectors such as command-and-control communication (C&C/C2) over email.

    • 多個 Power BI 報表共用 (預覽)Multiple Power BI report sharing (preview)
      當使用者執行數目異常的 Power BI 報表共用活動 (相較於已學到的基準) 顯示警示通知您。Alerts you when a user performs an unusual number of Power BI report sharing activities, compared to the learned baseline.

    • 多個 VM 建立活動 (預覽)Multiple VM creation activities (preview)
      當使用者執行數目異常的 VM 建立活動 (相較於已學到的基準) 時顯示警示通知您。Alerts you when a user performs an unusual number of VM creation activities, compared to the learned baseline. 目前適用於 Azure。Currently applies to Azure.

    • 多個儲存體刪除活動 (預覽)Multiple storage deletion activities (preview)
      當使用者執行數目異常的儲存體刪除活動 (相較於已學到的基準) 時顯示警示通知您。Alerts you when a user performs an unusual number of storage deletion activities, compared to the learned baseline. 目前適用於 Azure。Currently applies to Azure.

Cloud App Security 158 版Cloud App Security release 158

發行日期:2019 年 9 月 15 日Released September 15, 2019

  • 自訂 Cloud Discovery 執行報告名稱Customize Cloud Discovery executive report name
    Cloud Discovery 執行報告提供影子 IT 在組織中使用情形的概覽。The Cloud Discovery executive report provides you with an overview of Shadow IT use across your organization. 您現在可以選擇在產生報表之前自訂其名稱。You now have the option to customize the report name before generating it. 如需詳細資訊,請參閱產生 Cloud Discovery 執行報告For more information, see Generate Cloud Discovery executive report.

  • 新的原則概觀報告New policies overview report
    Cloud App Security 會偵測原則相符項目,並根據定義記錄警示,讓您可以用來更深入了解您的雲端環境。Cloud App Security detects policy matches and, where defined, logs alerts that you can use to understand your cloud environment more deeply. 現在您可以匯出原則概觀報告,其中顯示每個原則的彙總警示計量,協助您監視、了解及自訂您的原則,以更有效地保護您的組織。Now you can export a policies overview report showing aggregated alert metrics per policy to help you monitor, understand, and customize your policies to better protect your organization. 如需匯出報表的詳細資訊,請參閱原則概觀報告For more information about exporting the report, see Policies overview report.

Cloud App Security 157 版Cloud App Security release 157

發行日期:2019 年 9 月 1 日Released September 1, 2019

  • 提醒:TLS 1.0 與 1.1 的支援將於 9 月 8 日終止Reminder: End of support for TLS 1.0 and 1.1 on September 8
    Microsoft 正在將其所有線上服務移至傳輸層安全性 (TLS) 1.2 +,以提供最高等級的加密。Microsoft is moving all its online services to Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption. 因此,從 2019 年 9 月 8 日起,Cloud App Security 將不再支援 TLS 1.0 與 1.1,且不支援使用這些通訊協定的連線。Therefore, as of September 8, 2019 Cloud App Security will no longer support TLS 1.0 and 1.1 and connections using these protocols will not be supported. 如需變更如何影響您的詳細資訊,請參閱我們的部落格文章 (英文)。For more information about how the change affects you, see our blog post.

  • 新增偵測 - 可疑的 Microsoft Power BI 共用 (預覽)New detection – Suspicious Microsoft Power BI sharing (preview)
    全新的可疑 Power BI 報告共用原則現已可供使用;當具潛在敏感的 Power BI 報告在組織外部發生可疑共用時,即會自動啟用以提供警示。The new suspicious Power BI report sharing policy is now available out-of-the-box and automatically enabled to alert you when a potentially sensitive Power BI report is suspiciously shared outside of your organization.

  • OAuth 應用程式稽核的全新匯出功能New export feature for OAuth app auditing
    Cloud App Security 會稽核入口網站中的所有 OAuth 授權活動,為您全方位監視與調查所執行的活動。Cloud App Security audits all OAuth authorization activities to provide you with comprehensive monitoring and investigation of activities performed. 現在,您也可以匯出特定 OAuth 應用程式的授權使用者詳細資料,以掌握更多使用者資訊,並用於進一步的分析。Now you can also export the details of users that authorized a specific OAuth app, providing you with additional information on the users, which you can then use for further analysis.

  • 增強 Okta 事件稽核Enhanced Okta event auditing
    Cloud App Security 現可支援 Okta 發行的 System Log API。Cloud App Security now supports the new System Log API released by Okta. 如需連線至 Okta 的詳細資訊,請參閱與 Okta 連線For more information about connecting Okta, see Connect Okta.

  • Workday 連接器 (預覽)Workday connector (preview)
    Workday 現已提供全新的應用程式連接器。A new app connector is now available for Workday. 現在,您可以將 Workday 連線到 Cloud App Security 以監視並保護其使用者與活動。You can now connect Workday to Cloud App Security to monitor activities and protect its users and activities. 如需詳細資訊,請參閱與 Workday 連線For more information, see Connect Workday.

  • 增強對「密碼原則」風險因素的評量Enhanced assessment for the "Password policy" risk factor
    Cloud App Catalog 現可提供對密碼原則風險因素的細微評定。The Cloud App Catalog now provides granular assessment for the Password policy risk factor. 將滑鼠停留在其資訊圖示上,即可查看應用程式實施的特定原則細項。By hovering over its information icon, you can see a breakdown of the specific policies that are enforced by the app.

Cloud App Security 156 版Cloud App Security release 156

發行日期:2019 年 8 月 18 日Released August 18, 2019

  • 新的 Cloud Discovery 記錄剖析器New Cloud Discovery log parsers
    Cloud App Security Cloud Discovery 會分析各種流量記錄,用於對應用程式進行排名和評分。Cloud App Security Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. 現在 Cloud Discovery 含有內建的記錄剖析器,可支援 Stormshield 和 Forcepoint LEEF 記錄格式。Now Cloud Discovery includes a built-in log parser to support Stormshield and Forcepoint LEEF log formats.

  • 活動記錄增強功能Activity log enhancements
    Cloud App Security 現在可讓您更清楚掌握環境中應用程式執行的未分類活動。Cloud App Security now provides you with greater visibility into unclassified activities performed by apps in your environment. 這些活動會提供在活動記錄和活動原則中。These activities are available in the Activity log and also in Activity policies. 若要查看未分類的活動,請在 [類型] 篩選中選取 [未指定]。To see unclassified activities, in the Type filter select Unspecified. 如需活動篩選的詳細資訊,請參閱 Activity filters and queries (活動篩選和查詢)。For more information about activity filters, see Activity filters and queries.

  • 具風險的使用者調查增強功能Risky user investigation enhancement
    Cloud App Security 可讓您在 [使用者和帳戶] 頁面上依特定群組、應用程式甚至角色來識別具風險的使用者。Cloud App Security provides the ability to identify risky users on the Users and accounts page by specific groups, apps, and even roles. 現在您也可以依照調查優先順序分數來調查組織中的使用者。Now you can also investigate the users in your organization by their Investigation priority score. 如需詳細資訊,請參閱了解調查優先順序分數For more information, see Understand the investigation priority score.

  • 活動原則增強功能Activity policy enhancements
    您現在可以根據活動物件來建立活動原則警示。You can now create activity policy alerts based on activity objects. 例如,這項功能可讓您建立 Azure Active Directory 系統管理角色變更的警示。For example, this capability allows you to create alerts on changes to Azure Active Directory administrative roles. 如需活動物件的詳細資訊,請參閱Activity filters (活動篩選)。For more information about activity objects, see Activity filters.

Cloud App Security 155 版Cloud App Security release 155

發行日期:2019 年 8 月 4 日Released August 4, 2019

  • 新原則範本New policy templates
    Cloud App Security 現在包含新的內建活動原則範本,可用於 AWS 安全性最佳做法。Cloud App Security now includes new built-in Activity policy templates for AWS security best practices.

  • 注意:TLS 1.0 與 1.1 的支援將於 9 月 8 日終止Notice: End of support for TLS 1.0 and 1.1 on September 8
    Microsoft 正在將其所有線上服務移至傳輸層安全性 (TLS) 1.2 +,以提供最高等級的加密。Microsoft is moving all its online services to Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption. 因此,從 2019 年 9 月 8 日起,Cloud App Security 將不再支援 TLS 1.0 與 1.1,且不支援使用這些通訊協定的連線。Therefore, as of September 8, 2019 Cloud App Security will no longer support TLS 1.0 and 1.1 and connections using these protocols will not be supported. 如需變更如何影響您的詳細資訊,請參閱我們的部落格文章 (英文)。For more information about how the change affects you, see our blog post.

  • 互動式登入活動的增強邏輯 (逐步推出)Enhanced logic for interactive sign-in activities (gradual rollout)
    我們會逐步推出新邏輯,以識別 Azure Active Directory 登入活動是否為互動式。We are gradually rolling out new logic to identify if an Azure Active Directory sign-in activity is interactive. 新邏輯會增強 Cloud App Security 只顯示使用者所起始之登入活動的能力。The new logic enhances Cloud App Security's ability to only surface sign-in activities that are initiated by a user.

Cloud App Security 154 版Cloud App Security release 154

2019 年 7 月 21 日發佈Released July 21, 2019

  • 為任何應用程式建立及部署條件式存取應用程式控制現已 GAOnboard and deploy Conditional Access App Control for any app is now GA
    自從上個月預覽所有應用程式的條件式存取應用程式控制以來,我們收到了大量意見反應並很高興宣佈 GA。Since previewing Conditional Access App Control for any app last month, we've received tremendous feedback and are excited to announce GA. 這項新功能可讓您部署任何 Web 應用程式,使其使用工作階段與存取原則,以進行強大的即時監視與控制。This new capability allows you to deploy any web app to work with session and access policies, enabling powerful real-time monitoring and control.

  • AWS 的安全性設定評定Security configuration assessment for AWS
    Cloud App Security 正逐步推出取得您 Amazon Web Services 環境 CIS 合規性安全性設定評定的功能,以及提供遺失設定和安全性控制的建議。Cloud App Security is gradually rolling out the ability to get a security configuration assessment of your Amazon Web Services environment for CIS compliance, and provides recommendations for missing configurations and security controls. 這項功能可為組織提供單一檢視,來監視所有已連線 AWS 帳戶的合規性狀態。This ability provides organizations with a single view for monitoring the compliance status for all connected AWS accounts.

  • OAuth 應用程式異常偵測OAuth app anomaly detections
    我們擴充了目前偵測可疑 OAuth 應用程式的功能。We've expanded our current capability to detect suspicious OAuth apps. 四個新偵測現已可用,會分析在您組織內授權之 OAuth 應用程式的中繼資料,來找出可能有惡意的項目。Four new detections are now available out-of-the-box that profile the metadata of OAuth apps authorized in your organization to identify ones that are potentially malicious.

Cloud App Security 153 版Cloud App Security release 153

發行日期:2019 年 7 月 7 日Released July 7, 2019

  • 加強的 Dropbox 支援Enhanced Dropbox support
    Cloud App Security 現在支援 Dropbox 的垃圾桶治理動作 – 您可以在執行檔案原則期間手動或自動使用這個治理動作。Cloud App Security now supports the Trash governance action for Dropbox – This governance action can be used manually or automatically as part of a file policy.

  • 適用於雲端存取應用程式控制的新精選功能New featured apps for Cloud Access App Control
    下列精選應用程式的條件式存取應用程式控制現在已公開推出:Conditional Access App Control for the following featured apps is now generally available:

    • 商務用 OneDriveOneDrive for Business
    • SharePoint OnlineSharePoint Online
    • Azure DevOpsAzure DevOps
    • Exchange OnlineExchange Online
    • Power BIPower BI
  • 授權被識別為惡意程式碼的檔案Authorize files identified as malware
    Cloud App Security 會掃描來自您已連線應用程式的檔案,以尋找 DLP 暴露與惡意程式碼。Cloud App Security scans files from your connected apps for DLP exposure and malware. 您現在可以授權被識別為惡意程式碼但經調查之後確認安全的檔案。You can now authorize files that have been identified as malware but were confirmed safe following an investigation. 授權檔案會將它從惡意程式碼偵測報告移除並抑制未來此檔案的比對。Authorizing a file removes it from the malware detection report and suppresses future matches on this file. 如需有關惡意程式碼偵測的詳細資訊,請參閱 Cloud App Security 異常偵測For more information about malware detection, see Cloud App Security anomaly detection.

Cloud App Security 152 版Cloud App Security release 152

2019 年 6 月 23 日發行Released June 23, 2019

  • 為任何應用程式部署條件式存取應用程式控制 (預覽)Deploy Conditional Access App Control for any app (preview)
    我們很高興宣佈,除了為精選應用程式提供的豐富支援外,我們還擴充了條件式存取應用程式控制的支援,使其適用於所有 Web 應用程式。We are excited to announce that we've expanded our support for Conditional Access App Control to any web app, in addition to the rich support we already offer for our featured applications. 這項新功能可讓您部署任何 Web 應用程式,使其使用工作階段與存取原則,以進行強大的即時監視與控制。This new capability allows you to deploy any web app to work with session and access policies, enabling powerful real-time monitoring and control. 舉例來說,您可以利用 Azure 資訊保護標籤來保護下載的內容、禁止上傳敏感性文件、提供稽核等等。For example, you can protect downloads with Azure Information Protection labels, block upload of sensitive documents, providing auditing, among many others.
  • 入口網站活動稽核Portal activity auditing
    Cloud App Security 會稽核入口網站中的所有系統管理員活動,為您提供所執行活動的全方位監視與調查。Cloud App Security audits all admin activity in the portal to provide you with comprehensive monitoring and investigation of activities performed. 現在,您也可以匯出最多 90 天的活動以進行進一步的調查與分析,例如調查某個使用者或簡式某個警示的系統管理員稽核。Now you can also export up to 90 days of activities for further investigation and analysis, for example, auditing of an admin investigating a specific user or viewing specific alerts. 若要匯出記錄,請前往 [管理系統管理員存取權] 設定頁面。To export the log, go to the Manage admin access settings page.
  • 自訂的 Cloud App Security 入口網站工作階段登出Custom session sign out from Cloud App Security portal
    您現在可以設定系統管理員工作階段在閒置超過指定的時間長度後,自動登出入口網站。You can now configure automatic sign out of admin sessions to the portal that are idle for longer than a specified period.

Cloud App Security 151 版Cloud App Security release 151

發行日期:2019 年 6 月 9 日Released June 9, 2019

  • 混合式 UEBA - 與 Azure ATP 原生整合 (預覽)Hybrid UEBA - Native integration with Azure ATP (preview)
    Cloud App Security 現在會與 Azure ATP 原生整合,以提供雲端應用程式和您內部部署網路中身分識別活動的單一檢視。Cloud App Security now natively integrates with Azure ATP to provide a single view of identity activities in both cloud apps and your on-premises network. 如需詳細資訊,請參閱 Azure 進階威脅防護整合For more information, see Azure Advanced Threat Protection integration.
  • UEBA 增強功能UEBA enhancements
    為了協助您識別低於雷達圖的威脅,Cloud App Security 現在會使用獨特的分析來為個別活動和警示提供風險分數。To help you identify threats that fall below the radar, Cloud App Security now uses unique profiling to provide risk scores for individual activities and alerts. 風險分數可用來識別本身不夠可疑,因此無法觸發警示的活動。The risk scores can be used to identify activities that aren't suspicious enough on their own to trigger alerts. 不過,藉由將風險分數彙總為使用者的調查優先順序分數,Cloud App Security 可協助您識別具風險的行為並聚焦於您的調查。However, by aggregating the risk scores to a user's Investigation priority score, Cloud App Security helps you identify risky behavior and focus your investigation. 這些新功能現在可在我們重新設計的使用者頁面上使用。These new capabilities are now available on our redesigned user page.
  • 已將新的風險因素新增至雲端應用程式目錄New risk factor added to Cloud App Catalog
    雲端應用程式目錄現在包含「災害復原方案」風險因素,讓您能夠評估雲端應用程式目錄中的應用程式以取得商務持續性支援。The Cloud App Catalog now includes the Disaster Recovery Plan risk factor to enable you to assess the apps in the Cloud App Catalog for business continuity support.
  • 正式推出 Microsoft Flow 連接器Microsoft Flow connector GA
    從去年預覽 Microsoft Cloud App Security 對於 Microsoft Flow 連接器的支援以來,現已公開推出此連接器。Since previewing Microsoft Cloud App Security's support for the Microsoft Flow connector last year, the connector is now generally available.
  • 適用於檔案原則的自動化治理增強功能Automated governance enhancement for File policies
    Cloud App Security 現在支援針對檔案原則設定 [資源回收筒] 治理動作,此治理動作讓您能夠自動將檔案移至 [資源回收筒] 資料夾。Cloud App Security now supports configuring the Trash governance action for File policies – This governance action provides you with the ability to automatically move files to the trash folder.
  • 已增強 Google 雲端硬碟的支援Enhanced Google Drive support
    Cloud App Security 現在支援適用於 Google 雲端硬碟的 [資源回收筒] 治理動作,此治理動作讓您能夠將 Google 雲端硬碟檔案移至 [資源回收筒] 資料夾。Cloud App Security now supports the Trash governance action for Google Drive – This governance action provides you with the ability to move Google Drive files to the trash folder.
  • 適用於應用程式管理員和群組管理員角色的新權限New permission for App admin and Group admin roles
    「應用程式/執行個體管理員」和「使用者群組管理員」角色現在均支援唯讀存取權。App/instance admin and User group admin roles now support read-only access.
  • 舊版驗證登入活動 (逐步推出)Legacy authentication sign-in activities (gradual rollout)
    Cloud App Security 現在會顯示使用傳統通訊協定 (例如 ActiveSync) 的 Azure Active Directory 登入活動。Cloud App Security now surfaces Azure Active Directory sign-in activities that use legacy protocols such as ActiveSync. 您可以在活動記錄中查看這些登入活動,而且可以在設定原則時使用。These sign-in activities can be viewed in the activity log and can be used when configuring policies.

Cloud App Security 150 版Cloud App Security release 150

發行日期:2019 年 5 月 26 日Released May 26, 2019

  • 警示匯出改進Alerts export improvement
    當您從 [警示] 頁面將警示匯出至 CSV 時,結果現在會包含警示解決或關閉的日期。When you export alerts to CSV from the Alerts page, the results will now include the date of the alert resolution or dismissal.

Cloud App Security 148 與 149 版Cloud App Security release 148 and 149

發行日期:2019 年 5 月 12 日Released May 12, 2019

  • Webex 應用程式連接器推出Webex app connector available
    已推出適用於 Cisco Webex Teams 的新應用程式連接器 (公開預覽版)。A new app connector is now available for Cisco Webex Teams in Public Preview. 您現在可以將 Microsoft Cloud App Security 連結到 Cisco Webex Teams 以監視及保護其使用者、活動與檔案。You can now connect Microsoft Cloud App Security to Cisco Webex Teams to monitor and protect its users, activities, and files. 如需詳細資訊,請參閱將 Webex 連線For more information, see Connect Webex

  • Microsoft 資料分類服務新位置Microsoft Data Classification Service new locations
    Microsoft 資料分類服務現在在四個新位置提供 - 澳洲、印度、加拿大與日本。Microsoft Data Classification Service is now available in four new locations - Australia, India, Canada, and Japan. 若您的 Office 租用戶位於這些位置,您現在可以利用 Microsoft 資料分類服務作為 Microsoft Cloud App Security 檔案原則中的內容檢測方法。If your Office tenant is located in these locations, you can now utilize Microsoft Data Classification Service as the content inspection method in Microsoft Cloud App Security file policies.

  • 影子 PaaS 與 IaaS 的探索Discovery of Shadow PaaS and IaaS
    Microsoft Cloud App Security 已擴充其 Cloud Discovery 功能,而且現在也為裝載在 IaaS 與 PaaS 解決方案 (例如 Microsoft Azure、Amazon Web Services 與 Google Cloud Platform) 上的資源提供「影子 IT」。Microsoft Cloud App Security has extended its Cloud Discovery capabilities and is now also providing Shadow IT for resources that are hosted on IaaS and PaaS solutions such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform. Cloud Discovery 現在為您提供檢視在您的 IaaS 與 PaaS 上執行之自訂應用程式、正在建立的儲存體帳戶等資訊的功能。Cloud Discovery now provides you with visibility into which custom apps run on top of your IaaS and PaaS, storage accounts that are being created, and more. 您可以使用這個新功能來探索有哪些資源存在、誰存取過什麼資源,以及傳輸的流量有多少。Use this new capability in order to discover what resources exist, who accesses each of them, and how much traffic is transmitted.

  • 應用程式證明App attestation
    Microsoft Cloud App Security 合規性與風險評定現在可讓雲端提供者證明其應用程式在「雲端應用程式目錄」處於最新狀態。Microsoft Cloud App Security compliance and risk assessment now allows cloud providers to attest their app to be up to date in Cloud App Catalog. 此試驗可讓雲端提供者根據「雲端應用程式目錄」的風險屬性填寫自我證明問卷,以確定其在「雲端應用程式目錄」中的風險評定精確且處於最新狀態。This pilot allows cloud providers to fill out a self-attestation questionnaire based on the Cloud App Catalog's risk attributes to make sure that their risk assessment in Cloud App Security is accurate and up-to-date. 接著使用者可以取得有關哪個風險屬性已由提供者證明 (而不是由「雲端應用程式安全性」小組評定) 以及每個屬性何時由提供者提交的指示。Users can then get an indication as to which risk attributes were attested by the provider (rather than assessed by the Cloud App Security team) and when each attribute was submitted by the provider. 如需詳細資訊,請參閱證明您的應用程式For more information, see Attest your app.

  • Office 365 工作負載資料粒度Office 365 workload granularity
    當您將 Office 365 連結到 Microsoft Cloud App Security 時,您現在可以控制要連結的工作負載。When connecting Office 365 to Microsoft Cloud App Security, you now have control over which workloads you want to connect. 例如,只對連結 Office 365 以取得活動監視功能有興趣的客戶現在可以在連結程序期間這樣做,或透過編輯現有的 Office 365 連接器來這樣做。For example, customers only interested in connecting Office 365 for activity monitoring can now do so during the connection process, or by editing an existing Office 365 connector. 在此變更中,OneDrive 與 SharePoint 不會再顯示為個別的連接器,而是會包含在 Office 365 連接器中,作為 _Office 365 檔案_工作負載。As part of this change, OneDrive and SharePoint will no longer be shown as separate connectors but will be included in the Office 365 connector as the Office 365 files workload. 擁有現有 Office 365 連接器的客戶不會受此變更影響。Customers with an existing Office 365 connector are not impacted by this change.

  • 加強的 Teams 支援Enhanced Teams support
    您現在可以即時監視及封鎖在 Teams Web 應用程式中傳送的訊息,方式是以機密內容為基礎來設定工作階段原則。You can now monitor and block message sending in the Teams web app in real time, by configuring a Session policy based on sensitive content.

Cloud App Security 147 版Cloud App Security release 147

發行日期:2019 年 4 月 14 日Released April 14, 2019

  • 新的 Cloud Discovery 記錄剖析器New Cloud Discovery log parser
    Cloud App Security Cloud Discovery 現在包括內建的記錄剖析器,可支援 Palo Alto LEEF 記錄格式。Cloud App Security Cloud Discovery now includes a built-in log parser to support the Palo Alto LEEF log format.

  • 工作階段原則更新Session policies updates

    • 工作階段原則的額外內容檢測方法:當設定工作階段原則時,您現在有選項可用來選擇「資料分類服務」作為檔案的內容檢測方法。Additional content inspection method for session policies: When setting a session policy, you now have the option to choose Data Classification Service as a content inspection method for files. 「資料分類服務」為使用者提供廣泛的內建敏感性類型以用於識別敏感性資訊。Data Classification Service offers the user a wide range of built-in sensitive types to use to identify sensitive information.
    • 工作階段原則中的加強式檔案權限控制:當您建立工作階段原則以使用 Cloud App Security 控制下載時,您現在可以自動為每個使用者套用權限 (例如唯讀權限) 到從您的雲端應用程式下載的文件。Enhanced file permissions control in session policies: When you're creating a session policy to control downloads using Cloud App Security, you can now automatically apply permissions per user, such as read-only, to the documents upon download from your cloud apps. 這在您預先設定的公司標籤之外提供幅度更大的彈性與能力來保護資訊。This provides a much greater level of flexibility and the ability to protect information beyond your pre-configured corporate labels.
    • 大型檔案下載控制:當在工作階段原則中啟用內容檢測時,您現在可以控制當使用者嘗試下載非常大的檔案時會發生什麼事。Large file download control: When content inspection is enabled in session policies, you can now control what happens when a user tries to download a very large file. 若檔案太大以致於無法在下載時掃描,您可以選擇要封鎖或允許該檔案。If the file is too big to scan on download, you can choose whether it will be blocked or allowed.

Cloud App Security 146 版Cloud App Security release 146

發行日期:2019 年 3 月 31 日Released March 31, 2019

  • 「不可能的旅遊」增強功能Impossible travel enhancement
    已透過相鄰國家/地區的專用支援強化「不可能的移動」偵測。Impossible travel detection was enhanced with dedicated support for neighboring countries/regions.
  • 針對一般 CEF 剖析器的額外屬性支援Additional attribute support for the generic CEF parser
    已強化針對一般 CEF 格式的 Cloud Discovery 記錄檔剖析器支援,以支援額外的屬性。The Cloud Discovery log parser support for generic CEF format was enhanced to support additional attributes.
  • 針對 Cloud Discovery 報告的限域存取Scoped access to Cloud Discovery reports
    除了「探索管理員」角色之外,您現在也可以將存取範圍限定至特定的「探索」報告。In addition to the Discovery Admin role, you can now scope access to specific Discovery reports. 此增強功能可讓您針對特定網站和營業單位的資料設定權限。This enhancement enables you to configure privileges to data of specific sites and business units.
  • 新角色支援:全域讀者New role support: Global reader
    Microsoft Cloud App Security 現在支援 Azure AD 全域讀者角色。Microsoft Cloud App Security now supports the Azure AD Global Reader role. 全域讀者具有 Microsoft Cloud App Security 所有層面的完整唯讀存取權,但無法變更任何設定或採取任何動作。The Global reader has full read-only access to all aspects of Microsoft Cloud App Security, but cannot change any settings or take any actions.

Cloud App Security 145 版Cloud App Security release 145

發行日期:2019 年 3 月 17 日Released March 17, 2019

  • Microsoft Defender ATP 整合現已 GAMicrosoft Defender ATP integration is now GA
    去年,我們宣佈了與 Windows Defender 進階威脅防護整合 (英文),以增強組織中影子 IT 的探索功能,並將其擴充到公司網路之外。Last year we announced integration with Windows Defender Advanced Threat Protection that enhances the Discovery of Shadow IT in your organization, and extends it beyond the corporate network. 我們很高興宣佈現已正式推出這個獨特的整合,只需按一下即可啟用 (英文)。Enabled with a single click, we are excited to announce that this unique integration is now generally available.
  • Dynamics 365 CRM 支援Dynamics 365 CRM support
    Cloud App Security 已新增適用於 Dynamics 365 CRM 的即時監視及控制功能,使您可以保護您的商務應用程式,以及儲存在這些應用程式內的敏感性內容。Cloud App Security added real-time monitoring and control for Dynamics 365 CRM, to enable you to protect your business applications and the sensitive content stored within these apps. 如需使用 Dynamics 365 CRM 可以完成之作業的詳細資訊,請參閱此文章For more information about what can be done with Dynamics 365 CRM, see this article.

Cloud App Security 144 版Cloud App Security release 144

發行日期:2019 年 3 月 3 日Released March 3, 2019

  • 針對混合式環境的統一 SecOps 調查Unified SecOps Investigation for Hybrid Environments
    由於許多組織都擁有混合式環境,而且攻擊從雲端開始發生,然後移至內部部署,這代表 SecOps 小組必須從多個位置調查這些攻擊。Because many organizations have hybrid environments, attacks start in the cloud and then pivot to on-premises, meaning SecOps teams need to investigate these attacks from multiple places. 透過合併來自雲端與內部部署來源 (包括 Microsoft Cloud App Security、Azure ATP 與 Azure AD Identity Protection) 的信號,Microsoft 可以在單一主控台中提供統一的身分識別與使用者資訊,以增強安全性分析師的能力,因而不需在安全性解決方案之間切換。By combining signals from cloud and on-premises sources including Microsoft Cloud App Security, Azure ATP, and Azure AD Identity Protection, Microsoft empowers security analysts by providing unified identity and user information, in a single console, ending the need to toggle between security solutions. 這可讓您的 SecOps 小組有更多時間與正確的資訊來做出更好的決策,並主動補救真正的身分識別威脅與風險。This gives your SecOps teams more time and the right information to make better decisions, and actively remediate the real identity threats and risks. 如需詳細資訊,請參閱針對混合式環境的統一 SecOps 調查 (英文)For more information, see Unified SecOps Investigation for Hybrid Environments

  • 適用於惡意程式碼偵測的沙箱功能 (逐漸推出)Sandboxing capabilities for malware detection (gradual rollout)
    Cloud App Security 的惡意程式碼偵測功能已擴充,以包含透過先進的沙箱技術來識別零時差惡意程式碼的能力。Cloud App Security's malware detection capabilities are being expanded to include the ability to identify zero-day malware through advanced Sandboxing technology.
    作為此功能的一部分,Cloud App Security 會自動識別可疑檔案,並觸發這些檔案以尋找可疑檔案行為,以及該檔案具有惡意意圖 (惡意程式碼) 的指標。As part of this capability, Cloud App Security automatically identifies suspicious files and detonates them to look for suspicious file behavior and indicators that the file has malicious intent (malware). 作為此變更的一部分,惡意程式碼偵測原則現在包含 [偵測類型] 欄位,可讓您依威脅情報與沙箱功能進行篩選。As part of this change, malware detection policies now include a Detection type field that enables you to filter by threat intelligence as well as sandboxing.

  • 條件式存取更新Conditional Access updates
    條件式存取應用程式控制已新增監視及封鎖下列活動的能力:Conditional Access App Control added the ability to monitor and block the following activities:

    • 在任何應用程式中上傳檔案 - 可以防止上傳已知的惡意程式碼延伸模組,以及確保使用者在上傳前會使用 Azure 資訊保護來保護檔案。File uploads in any app - enabling scenarios such as preventing upload of known malware extensions, and ensuring users protect files with Azure Information Protection prior to upload.
    • 在任何應用程式中進行複製並貼上:讓健全的資料外流控制更為完善,其中已經包含控制下載、列印及自訂活動 (例如共用)。Copy and paste in any app - rounding out robust controls of data exfiltration that already included controlling download, print, and custom activities such as share.
    • 傳送訊息:確保個人資料 (例如密碼) 不會在熱門的共同作業工具 (例如,Slack、Salesforce 與 Workplace by Facebook) 中共用。Send message - ensuring that personal data such as passwords is not shared in popular collaboration tools such as Slack, Salesforce, and Workplace by Facebook.
    • 工作階段原則現在包含內建範本,可讓您的組織輕鬆地在獲批准的應用程式上啟用熱門的即時監視及控制,例如,根據即時內容檢查封鎖上傳Session Policies now include built-in templates to enable your organization to effortlessly enable popular real-time monitoring and control over your sanctioned apps, such as Block upload based on real-time content inspection.

Cloud App Security 143 版Cloud App Security release 143

發行日期:2019 年 2 月 17 日Released February 17, 2019

  • 應用程式執行個體的範圍部署Scope deployment for app instances
    限域部署現在可以在應用程式執行個體層級設定,以取得更好的細微性和控制。Scoped deployment can now be configured at the app instance level, allowing for greater granularity and control.

  • 角色增強功能Role enhancements

    • Cloud App Security 現在支援資料管理員與安全性操作員 Office 365 角色。The data admin and security operator Office 365 roles are now supported in Cloud App Security. 資料管理員角色讓使用者能夠管理與檔案相關的一切,以及檢視 Cloud Discovery 報告。The data admin role enables users to manage everything file related, as well as view the Cloud Discovery reports. 安全性操作員具有管理警示及檢視原則設定的權限。Security operators have permission to manage alerts and view policy configuration.
    • 安全性讀取者角色現在能夠設定 SIEM 代理程式,以進行更好的權限範圍限定。The security reader role now has the ability to configure the SIEM agent, allowing better permission scoping.
  • Microsoft Flow 支援Microsoft Flow support
    Cloud App Security 現在可以監視 Microsoft Flow 中的使用者活動。Cloud App Security now monitors user activities in Microsoft Flow. 支援的活動是由 Flow 回報給 Office 365 稽核記錄的活動。The activities supported are the activities reported by Flow to the Office 365 audit log.

  • 警示實體群組Alert entity grouping
    [警示] 頁面現在會將涉及警示的相關實體分組,以協助您進行調查。The Alert page now groups related entities that were involved in an alert to aid in your investigation.

Cloud App Security 142 版Cloud App Security release 142

發行日期:2019 年 2 月 3 日Released February 3, 2019

  • Azure AD 中的工作階段原則設定Session policy configuration in Azure AD
    您現在可以設定工作階段原則,直接在 Azure AD 條件式存取中即時監視使用者或封鎖下載。You can now configure session policies to monitor users or block downloads in real-time, directly in Azure AD conditional access. 您仍然可以直接在 Cloud App Security 中設定進階工作階段原則。You can still configure advanced session policies directly in Cloud App Security. 若要逐步完成此部署,請參閱部署 Azure AD 應用程式的條件式存取應用程式控制To walk through this deployment, see Deploy Conditional Access App Control for Azure AD apps.

  • 適用於 OAuth 應用程式的建議與已儲存查詢Suggested and Saved queries for OAuth apps
    已新增至 [OAuth 應用程式] 頁面的建議查詢提供現成的調查範本來篩選 OAuth 應用程式。Suggested queries have been added to the OAuth apps page provide out-of-the-box investigation templates to filter your OAuth apps. 建議的查詢包括自訂篩選條件來識別具風險的應用程式 (例如,管理員所授權的應用程式)。Suggested queries include custom filters to identify risky apps such as apps authorized by administrators. 已儲存的查詢可讓您儲存自訂查詢以供日後使用,類似於目前在 [活動記錄] 與 [探索] 頁面中提供的已儲存查詢。Saved queries enable you to save custom queries for future use, similar to saved queries available today in the Activity log and Discovery pages.

  • Office 365 稽核預設設定Office 365 auditing default configuration
    若要在 Cloud App Security 中啟用對 Office 365 活動的監視,您現在必須在 Office 安全性與合規性中心啟用稽核,這是變更 Office 365 稽核的結果。If you want to enable monitoring of Office 365 activities in Cloud App Security, you are now required to enable auditing in the Office Security and Compliance Center, this is a result of a change to Office 365 auditing. 只有尚未在 Cloud App Security 中啟用對 Office 365 活動的監視時,才需執行此變更。This change only needs to be performed if you haven't already enabled monitoring of Office 365 activities in Cloud App Security.

  • 已增強 Box 支援Enhanced Box support
    Cloud App Security 現在支援兩個適用於 Box 的新治理動作:Cloud App Security now supports two new governance actions for Box:

    • 讓共用連結到期:此治理動作讓您能夠設定共用連結的到期日,在這之後其將不再處於作用中狀態。Expire shared link – This governance action provides you with the ability to set an expiration date for a shared link after which it will no longer be active.

    • 變更共用連結存取層級:此治理動作讓您能夠在僅限公司、僅限共同作業者和公開的情況下,變更共用連結的存取層級。Change sharing link access level – This governance action provides you with the ability to change the access level of the shared link between company only, collaborators only, and public.

  • OneDrive 中的多重位置支援Multi-location support in OneDrive
    Cloud App Security 現在提供 OneDrive 檔案的完整可見度,即使這些檔案散佈在多個地理位置也一樣。Cloud App Security now provides full visibility into OneDrive files, even if they are dispersed across multiple geographic locations. 目前會針對位於其他位置以及主要位置的檔案提供保護。Protection is now available for files located in the additional locations as well as the main location.

  • 入口網站導覽增強功能Portal navigation enhancement
    Cloud App Security 入口網站已增強,可提供更好的導覽,並讓 Cloud App Security 更能與 Microsoft 的其他安全性服務保持一致,以簡化易用性。The Cloud App Security portal was enhanced to provide better navigation and better align Cloud App Security with Microsoft's other security services, for streamlined ease-of-use.

Cloud App Security 141 版Cloud App Security release 141

發行日期:2019 年 1 月 20 日Released January 20, 2019

  • 雲端風險評量增強功能Cloud risk assessment enhancements

    • 雲端應用程式風險評量已利用兩個新體驗來增強。Cloud app risk assessment was enhanced with two new experiences.
      • 新的資料類型屬性會評量使用者可上傳至應用程式的內容種類。A new Data type attribute assesses what kind of content users can upload to the app. 您可以使用這個屬性,根據組織中每個資料類型的敏感度來評量應用程式。You can use this attribute to assess an app according to the sensitivity of each data type in your organization.
      • 若要取得更完整的應用程式風險概觀,您現在可以按一下 [主機服務公司] 屬性,輕鬆地從應用程式的風險評量轉移到主機服務公司的風險評量。To get a more comprehensive risk overview of an app, you can now easily pivot from the app's risk assessment to the risk assessment of hosting company by clicking on the Hosting company attribute.
  • 已增強適用於異常偵測警示調查的檔案內容Enhanced file context for anomaly detection alert investigation

    • 異常偵測調查已增強,可讓您查看與警示有關之檔案相關聯的其他見解。Anomaly detection investigation was enhanced to enable you to see additional insight associated with the files that are involved in an alert. 當觸發與檔案相關之異常活動 (下載、共用、刪除) 的警示時,可提供此向下鑽研功能。When alerts are triggered for file-related unusual activity alerts (Download, Share, Delete), this drill-down is available. 例如,如果大部分受影響的檔案都來自相同的資料夾或具有相同的副檔名,您將會在警示的 [其他風險] 區段中看到這些見解。For example, if most of the affected files are from the same folder or share the same file extension, you will see these insights in the Additional risk section of the alert.
  • 適用於檔案調查的查詢Queries for file investigation

    • Cloud App Security 建立及儲存自訂查詢的能力已延伸至 [檔案] 頁面。Cloud App Security's ability to create and save custom queries was extended to the Files page. [檔案] 頁面中的查詢讓您能夠建立可重複使用的查詢範本,以進行深入調查。Queries in the File page enable you to create query templates that can be reused for deep-dive investigation.

Cloud App Security 139、140 版Cloud App Security release 139, 140

發行日期:2019 年 1 月 6 日Released January 6, 2019

  • 檔案偵測中的變更Change in file detection
    由於已對 SharePoint 和 One Drive 進行變更 (英文),因此,系統現在會將 SharePoint 和 One Drive 上與所有人共用的檔案視為內部Files shared with everyone in SharePoint and One Drive are now considered internal due to changes made to SharePoint and One Drive. 所以,若偵測到的檔案與所有人共用,則現在會將其視為內部檔案,這會影響原則處理檔案以及在 [檔案] 頁面中顯示的方式。So if a file is detected that is shared with everyone, it will now be treated as an internal file – this affects how the file is handled by policies and shown in the files page.

  • 對於檔案監視的變更Change in file monitoring
    對於新客戶和閒置客戶的預設檔案監視行為已變更。The default file monitoring behavior changed for new and idle customers. 您現在將必須開啟檔案監視以啟用此功能 (透過 [設定] > [檔案])。You will now need to turn on file monitoring to enable the feature, via Settings > Files. 此變更將不會影響現有的作用中客戶。Existing active customers will not be affected by this change.

  • 進階調整異常偵測原則Advanced tuning for anomaly detection policies
    您現在可以根據自己的喜好設定,影響異常偵測引擎來隱藏或呈現警示。You can now affect the anomaly detection engine to suppress or surface alerts according to your preferences.

    • 在 [不可能的移動] 原則中,您可以設定敏感度滑桿,以決定觸發警示之前所需的異常行為層級。In the Impossible Travel policy, you can set the sensitivity slider to determine the level of anomalous behavior needed before an alert is triggered.
    • 您也可以設定來自非經常性國家/地區、匿名 IP 位址、可疑 IP 位址與不可能之移動的活動警示應分析失敗與成功的登入,或只分析成功的登入。You can also configure whether the alerts for Activity from infrequent country, anonymous IP addresses, suspicious IP addresses, and impossible travel should analyze both failed and successful logins or just successful logins.
  • 支援多個信任鏈結Support for multiple trust chains
    條件式存取應用程式控制現在支援新增並使用多個受信任的根或中繼憑證,作為裝置管理的形式。Conditional Access App Control now supports adding and using multiple trusted root or intermediate certificates as a form of device management.

  • 新的 Cloud Discovery 角色 (逐步推出)New Cloud Discovery role (gradual rollout)
    Cloud App Security 現在為 Cloud Discovery 使用者提供了新的系統管理員角色。Cloud App Security now provides a new admin role for Cloud Discovery users. 此角色可用於將管理使用者的存取範圍僅侷限於 Cloud App Security 入口網站中的 Cloud Discovery 設定與資料。This role can be used in order to scope the access of an admin user to only Cloud Discovery settings and data within the Cloud App Security portal.

  • 支援 Microsoft 資訊保護統一標籤 (逐步推出)Support for Microsoft Information Protection unified labels (gradual rollout)
    Cloud App Security 現在支援 Microsoft 資訊保護統一標籤。Cloud App Security now supports Microsoft Information Protection unified labels. 對於已針對 Office 365 安全性與合規性中心移轉其分類標籤的客戶,Cloud App Security 將會識別並使用這些標籤,如與 Azure 資訊保護整合中所述。For customers that already migrated their classification labels for the Office 365 Security and Compliance Center, Cloud App Security will identify and work with these labels as described in Integrating with Azure Information Protection.

支援 PDF 檔案標記 (逐步推出)Support for PDF file labeling (gradual rollout)
針對使用統一標籤的客戶,Cloud App Security 現在支援 PDF 檔案的自動標籤。For customers using unified labels, Cloud App Security now supports autolabeling for PDF files.

Cloud App Security 138 版Cloud App Security release 138

發行日期:2018 年 12 月 9 日Released December 9, 2018

  • 在 Windows 上使用 Docker 自動上傳記錄Automatic log upload using Docker on Windows
    Cloud App Security 現在支援在 Windows 10 (Fall Creators Update) 與 Windows Server 1709 (含) 以後版本上,使用適用於 Windows 的 Docker 自動上傳記錄。Cloud App Security now supports automatic log upload for Windows 10 (fall creators update) and Windows Server, version 1709 and later using a Docker for Windows. 如需如何進行這項設定的詳細資訊和指示,請參閱 Windows 上的 Docker 內部部署For more information and instructions on how this can be configured, see Docker on Windows on-premises.

  • Cloud App Security 會與 Microsoft Flow 整合,以提供自訂警示自動化與協調流程劇本。Cloud App Security integrates with Microsoft Flow to provide custom alert automation and orchestration playbooks. 如需詳細資訊與整合指示,請參閱與 Microsoft Flow 整合For more information and integration instructions, see Integrating with Microsoft Flow.

Cloud App Security 137 版Cloud App Security release 137

發行日期:2018 年 11 月 25 日Released November 25, 2018

  • 已新增對 Dynamics 的支援Added support for Dynamics
    Cloud App Security 現在支援 Office 365 稽核記錄中所支援的 Microsoft Dynamics 活動。Cloud App Security now includes support for the Microsoft Dynamics activities that are supported in the Office 365 audit log.

  • 掃描加密的內容 (預覽)Scanning encrypted content (preview)
    Cloud App Security 現在讓您能夠掃描受 Azure 資訊保護保護標籤所保護的內容。Cloud App Security now enables you to scan content that is protected by Azure Information Protection protection labels. 這將可讓您尋找敏感性內容,即使是在已由 Azure 資訊保護加密的檔案中也一樣。This will allow you to find sensitive content, even in files that have already been encrypted by Azure Information Protection.

  • 預告 - 新術語!Heads up – new terminology!
    為了更加清楚明瞭,已變更應用程式權限功能的名稱,其名稱現在為 OAuth 應用程式The name of the App permissions capabilities was changed for clarity – it is now called OAuth apps.

Cloud App Security 136 版Cloud App Security release 136

發行日期:2018 年 11 月 11 日Released November 11, 2018

  • Cloud Discovery 更新Cloud Discovery updates
    自訂記錄剖析器已增強,可支援其他和更複雜的 Web 流量記錄格式。The custom log parser was enhanced to support additional and more complex web traffic logs formats. 在這些增強功能中,使用者現在可以針對無標題的 CSV 記錄檔案輸入自訂標題、針對機碼/值檔案使用特殊分隔符號、處理 Syslog 檔案格式等。As part of these enhancements users can now input custom headers for headerless CSV log files, use special delimiters for key-value files, process Syslog file format, and more.

  • 新增異常偵測原則New anomaly detection policies
    可疑的收件匣操作規則:此原則會分析您的環境,並在對使用者收件匣設定要刪除或移動訊息或資料夾的可疑規則時觸發警示。Suspicious inbox manipulation rules: This policy profiles your environment and triggers alerts when suspicious rules that delete or move messages or folders are set on a user's inbox. 這可能代表使用者帳戶遭到盜用、訊息遭到刻意隱藏,以及信箱被用來在組織中散發垃圾郵件或惡意程式碼。This may indicate that the user's account is compromised, that messages are being intentionally hidden, and that the mailbox is being used to distribute spam or malware in your organization.

  • 支援應用程式權限原則中的群組Support for groups in app permission policies
    Cloud App Security 現在可讓您根據已授權應用程式的使用者群組成員資格,更精細地定義應用程式權限原則。Cloud App Security now gives you the ability to define app permission policies more granularly, based on the group memberships of the users who authorized the apps. 例如,管理員可以決定要設定一個原則,在不常見的應用程式要求高權限時將其撤銷,但前提是授權權限的使用者是 Administrator 群組的成員。For example, an admin can decide to set a policy that revokes uncommon apps if they ask for high permissions, only if the user who authorized the permissions is a member of the administrators group.

  • 條件式存取應用程式控制現在會透過 Azure Active Directory 應用程式 Proxy 來與您的內部部署應用程式整合Conditional Access App Control now integrates with your on-prem apps via Azure Active Directory Application Proxy

    • Azure AD 應用程式 Proxy 可為裝載於內部部署的 Web 應用程式提供單一登入和安全的遠端存取。The Azure AD Application Proxy provides single sign-on and secure remote access for your web apps hosted on-prem.
    • 這些內部部署 Web 應用程式現在可以透過 Azure AD 條件式存取路由傳送到 Microsoft Cloud App Security,以透過存取工作階段原則提供即時監視及控制。These on-prem web apps can now be routed to Microsoft Cloud App Security via Azure AD conditional access to provide real-time monitoring and controls, via access and session policies.

Cloud App Security 133、134、135 版Cloud App Security release 133, 134, 135

發行日期:2018 年 10 月Released October, 2018

  • 正逐漸推出新的異常偵測原則New anomaly detection policies being gradually rolled out

    • 新的 [待批准應用程式的資料洩漏] 原則會自動啟用,在使用者或 IP 位址使用未獲批准來執行類似於企圖從您的組織取得資訊的活動時,發出警示。The new Data exfiltration to unsanctioned apps policy is automatically enabled to alert you when a user or IP address uses an app that is not sanctioned to perform an activity that resembles an attempt to exfiltrate information from your organization.
      • 相對於您組織中的基準,新的 [多次 VM 刪除活動] 原則會分析您的環境,並在使用者刪除單一工作階段中的多部 VM 時觸發警示。The new Multiple delete VM activities policy profiles your environment and triggers alerts when users delete multiple VMs in a single session, relative to the baseline in your organization.
  • 適用於 APAC 的資料分類服務Data classification service available for APAC

  • Cloud Discovery 對 i-Filter 的支援Cloud Discovery support for i-Filter

    • Cloud App Security Cloud Discovery 功能現已增強對 i-Filter syslog 剖析器的支援。The Cloud App Security Cloud Discovery feature now has enhanced support for the i-Filter syslog parser.

Cloud App Security 132 版Cloud App Security release 132

發行日期:2018 年 9 月 25 日Released September 25, 2018

  • Office 365 的條件式存取應用程式控制現已開放公開預覽Conditional Access App Control for Office 365 is now in Public Preview

    • 條件式存取應用程式控制現在也支援 Office 365,以及使用 Open ID Connect 設定的所有應用程式。Conditional Access App Control now also supports Office 365 and any app that is configured with Open ID Connect.
    • 從工作階段內提供意見反應:這個新工具可讓您直接從工作階段內,將有關工作階段控制下應用程式效能的意見反應提供給 Cloud App Security 小組。Provide feedback from within a session: This new tool enables you to provide feedback to the Cloud App Security team about the performance of an application under session control, directly from within the session.
  • 與 Microsoft Defender ATP 的原生整合,讓 Shadow IT Discovery 超越公司範圍Native integration with Microsoft Defender ATP for Shadow IT Discovery beyond your corp

    • Microsoft Cloud App Security 現在會與 Windows Defender 進階威脅防護 (ATP) 原生整合,來提供不需部署的影子 IT 探索功能,讓雲端應用程式能夠間歇性地使用公司網路。Microsoft Cloud App Security now natively integrates with Windows Defender Advanced Threat Protection (ATP) to provide deploymentless Shadow IT discovery capabilities for on and off corporate network use of cloud apps. 這讓您能夠在電腦上執行 Cloud Discovery,即使其不在您的公司網路內也一樣。This enables you to perform Cloud Discovery on machines, even when they are not within your corporate network. 它也會啟用以電腦為基礎的調查:在您識別有風險的使用者之後,接著可檢查使用者已存取的所有電腦來偵測潛在風險;如果您識別出有風險的電腦,就可以檢查使用該電腦的所有使用者以調查潛在風險。It also enables machine-based investigation: after you identify a risky user, you can then check all the machines the user accessed to detect potential risks; if you identify a risky machine, you can check all the users who used it to investigate potential risks. 如需詳細資訊,請參閱「Windows Defender 進階威脅防護與 Microsoft Cloud App Security 的整合」。For more information, see Windows Defender Advanced Threat Protection integration with Microsoft Cloud App Security.
  • 對於已加密檔案的內容檢查Content inspection for encrypted files

    • Cloud App Security 現在支援對於使用 Azure 資訊保護來保護之已加密且受保護檔案的內容檢查。Cloud App Security now supports content inspection of protected files that are encrypted that were protected using Azure Information Protection. 您現在可以基於重新分類目的來檢查這些加密檔案,並找出其他 DLP 風險與安全性原則違規。You can now inspect these encrypted files for reclassification proposes and identify additional DLP exposure and security policy violations.

Cloud App Security 131 版Cloud App Security release 131

發行日期:2018 年 9 月 2 日Released September 2, 2018

  • 自動撤銷有風險 OAuth 應用程式的權限Automatically revoke permissions on risky OAuth apps
    您現在可以透過撤銷 Office、Google 或 Salesforce 上 OAuth 應用程式的應用程式權限,來控制使用者有權存取的 OAuth 應用程式。You can now control which OAuth apps your users have access to, by revoking app permission for OAuth apps on Office, Google, or Salesforce. 建立應用程式權限原則時,您現在可以設定原則來撤銷應用程式的權限。When creating an App permission policy, you can now set the policy to revoke an app's permission.

  • 已支援 Cloud Discovery 的其他內建剖析器Cloud Discovery additional built-in parser supported
    Cloud Discovery 現在支援 Forcepoint Web Security Cloud 記錄格式。Cloud Discovery now supports the Forcepoint Web Security Cloud log format.

Cloud App Security 130 版Cloud App Security release 130

發行日期:2018 年 8 月 22 日Released August 22, 2018

  • 新增功能表列New menu bar
    為了在 Office 365 產品之間提供更加一致的管理體驗,並且讓您能更輕鬆地在 Microsoft 安全性解決方案之間轉換,已將 Cloud App Security 入口網站功能表列移至畫面左側。To provide a more consistent admin experience across Office 365 products and enable you to more easily pivot between Microsoft security solutions, the Cloud App Security portal menu bar moved to the left side of the screen. 這個一致性導覽體驗可協助您在從一個 Microsoft 安全性入口網站移至另一個時,自行調整方向。This consistent navigation experience helps you orient yourself when moving from one Microsoft security portal to another.

  • 影響 OAuth 應用程式分數Impact OAuth app score
    您現在可以將意見反應傳送給 Cloud App Security 小組,讓我們知道是否已在您的組織中探索到似乎是惡意的 OAuth 應用程式。You can now send the Cloud App Security team feedback to let us know if there's an OAuth app discovered in your organization that seems malicious. 這個新功能可讓您成為我們安全性社群的一部分,並增強 OAuth 應用程式風險分數與分析。This new feature enables you to be part of our security community and enhance OAuth app risk score and analysis. 如需詳細資訊,請參閱管理 OAuth 應用程式For more information, see Manage app permiOAuth appsssions.

  • 新增 Cloud Discovery 剖析器New Cloud Discovery parsers
    Cloud Discovery 剖析器現在支援 iboss Secure Cloud Gateway 和 Sophos XG。The Cloud Discovery parsers now support iboss Secure Cloud Gateway and Sophos XG.

Cloud App Security 129 版Cloud App Security release 129

發行日期:2018 年 8 月 5 日Released August 5, 2018

  • 新增異常偵測原則 - 可疑電子郵件規則New anomaly detection policies - suspicious email rules
    已新增新的異常偵測原則來偵測可疑電子郵件轉寄規則,例如,使用者是否建立了一個收件匣規則來將所有電子郵件複本轉寄到外部地址。New anomaly detection policies were added that detect suspicious email forwarding rules, for example, if a user created an inbox rule that forwards a copy of all emails to an external address.

  • 此版本包含針對多個問題的修正和改善。This release includes fixes and improvements for multiple issues.

Cloud App Security 128 版Cloud App Security release 128

發行日期:2018 年 7 月 22 日Released July 22, 2018

  • 跨多個應用程式的 OAuth 應用程式動作OAuth apps actions across multiple apps
    對於已獲授與應用程式權限的 OAuth 應用程式,您現在可以在單一動作中禁止或核准多個應用程式。For OAuth apps that have been granted app permissions, you can now ban or approve multiple apps in a single action. 例如,您可以檢閱組織中的使用者已授與權限的所有應用程式、選取您要禁止的所有應用程式,然後按一下 [禁止應用程式] 以撤銷所有已授與的同意,而且不再允許使用者將權限授與那些應用程式。For example, you can review all the apps that have been granted permission by users in your organization, select all the apps you want to ban, and then click ban apps to revoke all consent granted and will no longer allow users to grant permission to those apps. 如需詳細資訊,請參閱管理 OAuth 應用程式For more information, see Manage OAuth apps.

  • 已增強對 Azure 應用程式的支援Enhanced support for Azure applications
    針對 Azure,我們現正逐漸推出以 Azure 應用程式 (內部和外部) 所執行的使用者帳戶活動來偵測應用程式的功能。For Azure, we are now gradually rolling out the ability to detect applications as user account activities performed by the Azure applications (both internal and external). 這可讓您建立原則,以便在應用程式執行未預期與未經授權的活動時向您發出警示。This enables you to create policies that will alert you if an application performs unexpected and unauthorized activities. 如需詳細資訊,請參閱將 Azure 連線至 Microsoft Cloud App SecurityFor more information, see Connect Azure to Microsoft Cloud App Security.

  • 已使用新 GDPR 敏感性類型更新的資料分類引擎Data Classification Engine updated with new GDPR sensitive types
    Cloud App Security 資料分類服務已將新的 GDPR 敏感性類型新增到我們的資料分類引擎,讓您能夠偵測檔案中的 GDPR 相關內容。The Cloud App Security Data Classification Service added new GDPR sensitive types to our Data Classification Engine to enable you to detect GDPR related content in your files.

  • 雲端應用程式目錄的更新Updates to the Cloud App Catalog
    雲端應用程式目錄現在包含 [法律風險] 類別 (除了 [一般]、[安全性] 和 [合規性]),可協助您管理資料隱私權和擁有權合規性,包括 GDPR 整備度。The Cloud App Catalog now includes a legal risk category (in addition to General, Security and Compliance) to help you manage data privacy and ownership compliance, including GDPR readiness. 為了協助評量每個雲端應用程式的 GDPR 整備度,新的風險類別會包含雲端服務的 GDPR 整備度聲明和每個 GDPR 架構控制項的狀態。To help with assessing the GDPR readiness of each cloud app, the new risk category contains the GDPR readiness statement of the cloud service and status of each GDPR framework control. 請注意,在這個改善的過程中,已將下列風險屬性從其他風險類別移至法律類別:Note that as part of this improvement, the following risk attributes were moved from other risk category to the Legal category:

    • DMCADMCA
    • 資料擁有權Data ownership
    • 資料保留原則Data retention policy

    此外,新的風險類別會個別計分,因此,您可以根據自己的喜好設定和優先順序來設定分數加權。In addition, the new risk category is scored separately so you can configure the score weighting according to your preferences and priorities. 如需詳細資訊,請參閱風險分數For more information, see Risk score.

  • 新增建議的查詢:符合 GDPR 規範New suggested query: GDPR ready
    有一個新的建議查詢,可讓您識別符合 GDPR 規範的已探索應用程式。There is a new suggested query to enable you to identify discovered apps that are GDPR ready. 因為 GDPR 最近已成為安全性管理員的首要任務,所以,此查詢可協助您輕鬆地識別出符合 GDPR 規範的應用程式,並藉由評量未通過的風險來降低威脅。Because GDPR recently became a top priority for security admins, this query helps you easily identify apps that are GDPR ready and mitigate threat by assessing the risk of those that aren't.

Cloud App Security 127 版Cloud App Security release 127

發行日期:2018 年 7 月 8 日Released July 8, 2018

  • 您現在能夠看到 Office 365 的一般活動。You now have the ability to see generic activities for Office 365. 在 [活動記錄] 與 [活動原則] 中,您現在可以過濾 Office 365 活動以尋找未指定活動。In the Activity log and in Activity policies you can now filter the Office 365 activities for Unspecified activities. 檢閱這些活動可讓您調查有關 Cloud App Security 中尚未依類型分類且已執行的活動資訊,而您可以使用這些活動來傳送要求給 Cloud App Security 小組,以根據這些活動建立新的活動類型。Reviewing these activities enables you to investigate information about activities performed that aren't yet classified by type in Cloud App Security, and you can use these activities to send requests to the Cloud App Security team to create new activity types based on these activities.

Cloud App Security 126 版Cloud App Security release 126

發行日期:2018 年 6 月 24 日Released June 24, 2018

  • 條件式存取應用程式控制已正式推出Conditional Access App Control GA
    Microsoft Cloud App Security 的條件式存取應用程式控制 (反向 Proxy) 現已正式推出,可供任何 SAML 應用程式使用。Microsoft Cloud App Security's Conditional Access App Control (reverse proxy) is now generally available for any SAML applications. 條件式存取應用程式控制會直接與您的 Azure AD 條件式存取原則整合,以便即時監視和控制使用者的工作階段,同時能夠使其提高生產力。Conditional Access App Control integrates directly with your Azure AD conditional access policies to monitor and control your users' sessions in real time, while enabling them to be productive. 自從首次預覽此功能以來,已做過許多功能和改善,其中包括:Since first previewing the feature, many features and improvements have been made, including:

    • 除了針對瀏覽器流量建立工作階段原則之外,還能建立存取原則來管理從原生用戶端對相同應用程式進行的存取。The ability to create an access policy to manage access to the same apps from native clients, in addition to creating a session policy for browser traffic.
    • 應用程式上線程序已簡化,可在您的組織中支援自訂的 SAML 應用程式。The app onboarding process was streamlined to support custom SAML applications in your organization.
    • 作為 Azure 全球網路的一部分,整合和介面已經過改善,可為世界各地的使用者提供順暢的體驗。As part of the Azure worldwide network, the integration and interface have been improved for a seamless experience for users located anywhere in the world.
  • 使用 Microsoft 資料分類服務進行內容檢查已正式推出Content inspection with Microsoft Data Classification Service GA
    Microsoft Cloud App Security 與 Microsoft 資料分類服務的整合現已正式推出。Microsoft Cloud App Security integration with Microsoft Data Classification Services is now generally available. 此整合可讓您以原生方式使用 Microsoft 資料分類服務,來將雲端應用程式中的檔案分類。This integration enables you to utilize the Microsoft Data Classification Service natively, to classify the files in your cloud apps. 如需詳細資訊,請參閱 Microsoft 資料分類服務整合For more information, see Microsoft Data Classification Services integration. 此功能目前僅適用於美國和歐洲 (法國除外)。This feature is currently only available in the US and Europe (excluding France).

  • Cloud Discovery 執行報告Cloud Discovery executive report
    Microsoft Cloud App Security 正逐漸推出產生 Cloud Discovery 執行 PDF 報告的功能。Microsoft Cloud App Security is gradually rolling out the ability to generate a Cloud Discovery executive PDF report. 此報告會概述在您組織中識別出的影子 IT 使用方式,醒目提示整體和領先類別中使用的熱門應用程式和使用者,並著重於影子 IT 在組織中帶來的風險。This report provides an overview of the Shadow IT use that was identified in your organization, highlighting the top apps and users in use overall and in leading categories, and focuses on the risk that Shadow IT poses in your organization. 此外,此報告還提供一份建議清單,說明如何改善組織中影子 IT 的可見度及控制。In addition, the report provides a list of recommendations for how to improve visibility into, and control over, Shadow IT in your organization. 使用此報告來確保已移除潛在的風險和威脅,並確保您的組織安全。Use this report to make sure that potential risks and threats are removed and that your organization remains safe and secure.

  • 惡意程式碼偵測Malware detection
    現正逐漸推出惡意程式碼偵測功能,可自動偵測您雲端儲存體中的惡意檔案,而不論檔案類型為何。The malware detection capability is being gradually rolled out that automatically detects malicious files in your cloud storage, regardless of the file type. Microsoft Cloud App Security 使用 Microsoft 的威脅情報來辨識某些檔案是否與已知的惡意程式碼攻擊相關聯,或者是否可能是惡意的。Microsoft Cloud App Security uses Microsoft's threat intelligence to recognize whether certain files are associated with known malware attacks or are potentially malicious. 如需詳細資訊,請參閱異常偵測原則For more information, see Anomaly detection policies.

  • 針對可疑活動自動進行補救Automated remediation for suspicious activities
    您現在可以為異常偵測原則所觸發的可疑工作階段設定自動補救動作。You can now set automatic remediation actions for suspicious session triggered by the anomaly detection policies. 此增強功能可讓您在發生缺口時立即收到警示,並自動套用治理動作,例如暫時停止使用者的權限。This enhancement enables you to be alerted instantly when a breach occurs and apply governance actions automatically, such as suspend user. 如需詳細資訊,請參閱異常偵測原則For more information, see Anomaly detection policies.

  • Azure 的安全性設定評量Security configuration assessment for Azure
    Microsoft Cloud App Security 正逐漸推出取得您 Azure 環境安全性設定評量的功能,以及提供遺漏設定和安全性控制的建議。Microsoft Cloud App Security is gradually rolling out the ability to get a security configuration assessment of your Azure environment, and provides recommendations for missing configuration and security control. 例如,其將讓您知道自己是否遺漏了可供系統管理使用者使用的 MFA。For example, it will let you know if you are missing MFA for administrative users. 如需詳細資訊,請參閱雲端安全性狀態管理整合For more information, see Cloud Security Posture Management integration.

  • 自動偵測具風險的 OAuth 應用程式Automated detection of risky OAuth Apps
    除了連線到您環境之 OAuth 應用程式的現有調查,Microsoft Cloud App Security 現正逐漸推出設定自動化通知的功能,當 OAuth 應用程式符合特定準則時,便會讓您知道。In addition to the existing investigation of OAuth apps connected to your environment, Microsoft Cloud App Security is now gradually rolling out the ability to set automated notifications to let you know when an OAuth app meets certain criteria. 例如,您可以在有應用程式需要高權限層級,且已獲 50 位以上的使用者授權時,自動收到警示。For example, you can automatically be alerted when there are apps that require a high permission level and were authorized by more than 50 users. 如需詳細資訊,請參閱應用程式權限原則For more information, see App permission policies.

  • 受控安全性服務提供者管理 (MSSP) 支援Managed Security Service Provider management (MSSP) support
    Microsoft Cloud App Security 現在可為 MSSP 提供更好的管理體驗。Microsoft Cloud App Security now provides a better management experience for MSSPs. 現在可以將外部使用者設定為管理員,並指派 Microsoft Cloud App Security 中目前可用的任何角色External users can now be configured as administrators and assigned any of the roles currently available in Microsoft Cloud App Security. 此外,若要讓 MSSP 跨多個客戶租用戶提供服務,有權存取多個租用戶的管理員現在可以輕鬆地在入口網站內切換租用戶。In addition, to enable MSSPs to provide services across multiple customer tenants, Administrators who have access rights to more than one tenant can now easily switch tenants within the portal. 如需管理管理員的相關資訊,請參閱管理管理員For information about managing admins, see Manage admins.

  • 與外部 DLP 整合已正式推出Integration with external DLP GA
    Microsoft Cloud App Security 可讓您運用協力廠商分類系統中的現有投資 (例如資料外洩防護 (DLP) 解決方案),而且可讓您使用環境中執行的現有部署來掃描雲端應用程式的內容。Microsoft Cloud App Security allows you to leverage existing investments in third-party classification systems such as Data Loss Prevention (DLP) solutions, and enables you to scan the contents of cloud applications using existing deployments running in your environment. 如需詳細資訊,請參閱外部 DLP 整合For more information, see External DLP integration.

Cloud App Security 125 版Cloud App Security release 125

發行日期:2018 年 6 月 10 日Released June 10, 2018

  • 新增依排名在前的使用者進行的調查功能:New investigation capability by top users:
    Microsoft Cloud App Security 已將新的調查介面控件新增至儀表板,依開啟威脅偵測警示的數目顯示排名在前的使用者。Microsoft Cloud App Security added a new investigation widget to the dashboard that shows top users by the number of open threat detection alerts. 這個調查介面控件可讓您將威脅調查重點放在可疑工作階段數量最高的使用者。This investigation widget enables you to focus your threat investigation on users with the highest number of suspicious sessions.

  • 支援 AWS S3 貯體:Support for AWS S3 buckets:
    Microsoft Cloud App Security 現在可以偵測 AWS S3 貯體及其共用層級。Microsoft Cloud App Security can now detect AWS S3 buckets and their sharing levels. 這會針對可公開存取的 AWS 貯體提供警示和可見度。This provides alerts and visibility into publicly accessible AWS buckets. 這也可讓您根據貯體建立原則,並套用自動治理。This also enables you to create policies based on buckets and apply automatic governance. 此外,有一個新的原則範本 (稱為可公開存取的 S3 貯體 (AWS) ) 可供使用,讓您可用於輕鬆地建立原則來治理 AWS 儲存體。In addition, there is a new policy template available called Publicly accessible S3 buckets (AWS) that you can use to easily create a policy to govern your AWS storage. 為了啟用這些新功能,請務必新增連線 AWS 中所述的新權限,以更新 AWS 連線的應用程式。In order to enable these new capabilities, make sure you update your AWS connected apps by adding the new permissions described in Connect AWS.

  • 以使用者群組為基礎的管理員權限Admin privileges based on user groups:
    您現在可以為每個使用者群組設定 Microsoft Cloud App Security 管理員的管理權限。You can now set administrative permissions to Microsoft Cloud App Security admins per user group. 例如,您可以將特定使用者設定為僅適用德國使用者的管理員。For example, you can set a specific user as an administrator for only users in Germany. 這樣讓使用者只能針對使用者群組「德國 - 所有使用者」來檢視及修改 Microsoft Cloud App Security 中的資訊。This would enable the user to view and modify information in Microsoft Cloud App Security only for the user group "Germany - all users." 如需詳細資訊,請參閱管理管理員存取權For more information, see Managing admin access.

Cloud App Security 124 版Cloud App Security release 124

發行日期:2018 年 5 月 27 日Released May 27, 2018

  • 已新增至雲端應用程式目錄的 GDPR 風險評量GDPR risk assessment added to Cloud App Catalog
    已在 Microsoft Cloud App Security 中新增 13 個新的風險因素。13 new risk factors were added to Microsoft Cloud App Security. 這些風險因素會遵循 GDPR 架構的檢查清單,讓您可以根據 GDPR 法規來評量雲端應用程式目錄中的應用程式。These risk factors follow the checklist of the GDPR framework to enable you to assess the apps in the Cloud App Catalog according to the GDPR regulations.

  • 與 Microsoft 資料分類服務整合Integrate with Microsoft Data Classification Service
    Microsoft Cloud App Security 現在可讓您以原生方式使用 Microsoft 資料分類服務,來將雲端應用程式中的檔案分類。Microsoft Cloud App Security now enables you to utilize the Microsoft Data Classification Service natively, to classify the files in your cloud apps.
    Microsoft 資料分類服務會在 Office 365、Azure 資訊保護和 Microsoft Cloud App Security 之間提供統一的資訊保護體驗。The Microsoft Data Classification Service provides a unified information protection experience across Office 365, Azure Information Protection, and Microsoft Cloud App Security. 它可讓您將相同的資料分類架構擴充到受 Microsoft Cloud App Security 保護的協力廠商雲端應用程式,以利用您已在更多應用程式中做出的決策。It allows you to extend the same data classification framework to the third-party cloud apps that are protected by Microsoft Cloud App Security, leveraging the decisions you already made across an even greater number of apps.

  • 連線到 Microsoft Azure (逐漸推出)Connect to Microsoft Azure (gradual rollout)
    Microsoft Cloud App Security 正在將其 IaaS 監視功能擴充到 Amazon Web Services 之外,且現在支援 Microsoft Azure。Microsoft Cloud App Security is extending its IaaS monitoring capabilities beyond Amazon Web Services and now supports Microsoft Azure. 這可讓您使用 Cloud App Security 順暢地連線及監視所有 Azure 訂用帳戶。This enables you to seamlessly connect and monitor all your Azure subscriptions with Cloud App Security. 此連線會為您提供一組功能強大的工具來保護 Azure 環境,其中包括:This connection provides you with a powerful set of tools to protect your Azure environment, including:

    • 透過入口網站執行全部活動的可見度Visibility into all activities performed through the portal

    • 能夠建立自訂原則來警示不想要的行為,以及能夠藉由暫停可能具風險之使用者的權限或強制其重新登入,自動為其提供保護。Ability to create custom policies to alert on unwanted behavior, as well as the ability to automatically protect possible risky users by suspending, or forcing them to sign in again.

    • 我們的異常偵測引擎會涵蓋所有 Azure 活動,並將自動警示 Azure 入口網站中任何可疑的行為,例如,不可能的移動、可疑的大量活動,以及來自新國家/地區的活動。All Azure activities are covered by our anomaly detection engine and will automatically alert on any suspicious behavior in the Azure portal, such as impossible travel, suspicious mass activities, and activity from a new country.

    如需詳細資訊,請參閱將 Azure 連線至 Microsoft Cloud App SecurityFor more information, see Connect Azure to Microsoft Cloud App Security.

  • 限域部署 (逐漸推出)Scoped deployments (gradual rollout)
    Microsoft Cloud App Security 讓企業能夠根據群組成員資格,精細地判斷其想要監視及保護哪些使用者。Microsoft Cloud App Security provides enterprises with the ability to granularly determine which users they want to monitor and protect based on group membership. 此功能可讓您選取將不會針對任何受保護應用程式顯示其活動的使用者。This feature enables you to select users whose activities will not show up for any of the protected applications. 限域監視功能特別適用於:The scoped monitoring capability is especially useful for:

    • 合規性:如果您的合規性法規要求您避免因當地法規而監視特定國家/地區的使用者。Compliance – If your compliance regulations necessitate that you refrain from monitoring users from certain countries/regions due to local regulations.
    • 授權:如果您想要監視較少的使用者,以維持在 Microsoft Cloud App Security 授權的限制範圍內。Licensing – If you want to monitor fewer users to stay within the limits of your Microsoft Cloud App Security licenses. 如需詳細資訊,請參閱限域部署For more information, see Scoped deployment.
  • 探索到的應用程式違反了應用程式警示Breached app alert for discovered apps
    我們現在有一個內建警示,可在違反任何租用戶探索到的應用程式時通知您。We now have a built-in alert to notify you when any of a tenant's discovered apps is breached. 此警示將提供有關缺口的時間和日期、哪些使用者使用了應用程式的相關資訊,並將連結至公開可用的來源,以提供缺口的相關資訊。The alert will provide information about the time and date of the breach, which users used the app, and will link to publicly available sources that provide information about the breach.

  • 新增郵件伺服器New mail server
    Cloud App Security 的郵件伺服器已變更,並使用不同的 IP 位址範圍。Cloud App Security's mail server changed and uses different IP address ranges. 為了確保您可以取得通知,請將新的 IP 位址新增到您的反垃圾郵件允許清單。To make sure you can get notifications, add the new IP addresses to your anti-spam allow list. 針對自訂通知的使用者,Microsoft Cloud App Security 會使用 MailChimp® (協力廠商電子郵件服務) 來為您啟用此功能。For users who customize their notifications, Microsoft Cloud App Security enables this for you using MailChimp®, a third-party email service. 如需郵件伺服器 IP 位址的清單,以及能夠使用 MailChimp 的指示,請參閱網路需求郵件設定For the list of mail server IP addresses, and instructions for enabling work with MailChimp, see Network requirements and Mail settings.

Cloud App Security 123 版Cloud App Security release 123

發行日期:2018 年 5 月 13 日Released May 13, 2018

  • 異常偵測原則範圍設定Anomaly detection policy scoping:
    異常偵測原則現在可以設定範圍。The anomaly detection policies can now be scoped. 這可讓您設定每個異常偵測原則,使其只包含特定使用者或群組,以及排除特定使用者或群組。This enables you to set each anomaly detection policy to include only specific users or groups, and to exclude specific users or groups. 例如,您可以設定 [非經常性國家/地區的活動] 偵測,以忽略經常旅行的特定使用者。For example, you can set the Activity from infrequent county detection to ignore a specific user who travels frequently.

Cloud App Security 122 版Cloud App Security release 122

發行日期:2018 年 4 月 29 日Released April 29, 2018

  • 逐漸推出:您現在可以為每個應用程式設定 Microsoft Cloud App Security 管理員的管理權限Gradual rollout: You can now set administrative permissions to Microsoft Cloud App Security admins per app. 例如,您可以將特定使用者設定為僅適用 G Suite 的管理員。For example, you can set a specific user as an administrator for only G Suite. 這樣讓使用者只能在其僅與 G Suite 相關時,檢視和修改 Microsoft Cloud App Security 中的資訊。This would enable the user to view and modify information in Microsoft Cloud App Security only when it relates exclusively to G Suite. 如需詳細資訊,請參閱管理管理員存取權For more information, see Managing admin access.

  • 逐漸推出:Okta 管理員角色現在會顯示於 Microsoft Cloud App Security 中,而且會在 [設定] > [使用者群組] 下方,以標籤形式提供給每個角色。Gradual rollout: Okta admin roles are now visible in Microsoft Cloud App Security and are available for each role as a tag under Settings > User groups.

Cloud App Security 121 版Cloud App Security release 121

發行日期:2018 年 4 月 22 日Released April 22, 2018

  • 條件式存取應用程式控制 (之前稱為 Cloud App Security Proxy) 的公開預覽版已透過可更深入洞察及控制各種應用程式的功能來增強。The public preview of Conditional Access App Control (formerly known as Cloud App Security Proxy) has been enhanced with capabilities that facilitate deeper visibility into, and control over various applications. 您現在可以使用「活動類型」篩選條件來建立工作階段原則,以監視和封鎖各種不同的應用程式特定活動。You can now create a Session Policy with an Activity type filter, to monitor, and block a variety of app-specific activities. 這個新的篩選條件加強了現有的檔案下載控制功能,可讓您全面控制組織中的應用程式,並與 Azure Active Directory 條件式存取一起工作,以提供風險性使用者工作階段的即時可見度和控制,例如,具有 B2B 共同作業使用者或來自非受控裝置之使用者的工作階段。This new filter augments the existing file download control features, to provide you with comprehensive control of the applications in your organization and works hand-in-hand with Azure Active Directory conditional access, to provide real-time visibility and control of risky user sessions — for example, sessions with B2B collaboration users or users coming from an unmanaged device. 如需詳細資訊,請參閱工作階段原則For more information, see Session policies.

  • 逐漸推出:Cloud App Security 的異常偵測原則已改善,可包含兩種新的威脅偵測類型:勒索軟體活動和離職使用者的活動。Gradual rollout: Cloud App Security's anomaly detection policies have been improved to include two new types of threat detection: Ransomware activity and Terminated user activity. Cloud App Security 利用異常偵測來擴充其勒索軟體偵測功能,以確保會針對複雜的勒索軟體攻擊提供更全面的涵蓋範圍。Cloud App Security extended its ransomware detection capabilities with anomaly detection to ensure a more comprehensive coverage against sophisticated Ransomware attacks. 使用我們的安全性研究專業知識來識別反映勒索軟體活動的行為模式,Cloud App Security 確保會提供全面性的健全保護。Using our security research expertise to identify behavioral patterns that reflect ransomware activity, Cloud App Security ensures holistic and robust protection. 離職使用者的活動可讓您監視離職使用者的帳戶 (可能已從公司應用程式中將其解除佈建),但在許多情況下,其仍會保留特定公司資源的存取權。Terminated user activity enables you to monitor the accounts of terminated users, who may have been de-provisioned from corporate apps, but in many cases they still retain access to certain corporate resources. 如需詳細資訊,請參閱取得即時的行為分析和異常偵測For more information, see Get instantaneous behavioral analytics and anomaly detection.

Cloud App Security 120 版Cloud App Security release 120

發行日期:2018 年 4 月 8 日Released April 8, 2018

  • 針對 Office 365 和 Azure AD,我們現正逐漸推出以 Office 365 和 Azure AD 應用程式 (內部和外部) 所執行的使用者帳戶活動來偵測內部應用程式的功能。For Office 365 and Azure AD, we are now gradually rolling out the ability to detect internal applications as user account activities performed by the Office 365 and Azure AD applications (both internal and external). 這可讓您建立原則,以便在應用程式執行未預期與未經授權的活動時向您發出警示。This enables you to create policies that will alert you if an application performs unexpected and unauthorized activities.

  • 將應用程式權限清單匯出至 csv 時,會包含發行者、權限等級及社群使用方式等其他欄位,以協助進行合規性與調查程序。When exporting an app permissions list to csv, additional fields such as publisher, permissions level, and community usage are included to assist with the compliance and investigation process.

  • 已改善 ServiceNow 連線的應用程式,讓內部服務活動不再註冊為已由「來賓」執行,而且不再觸發誤判為真的警示。The ServiceNow connected app was improved so that internal service activities no longer register as having been performed by "Guest" and no longer trigger false positive alerts. 這些活動現在會表示為 N/A,如同所有其他已連線的應用程式。These activities are now represented as N/A like all other connected apps.

Cloud App Security 119 版Cloud App Security release 119

發行日期:2018 年 3 月 18 日Released March 18, 2018

  • [IP 位址範圍] 頁面包含 Cloud App Security 探索到的內建 IP 位址。The IP address ranges page includes built-in IP addresses that are discovered by Cloud App Security. 這包括已識別之雲端服務 (例如 Azure 和 Office 365) 的 IP 位址以及威脅情報摘要,此摘要會使用已知具風險之 IP 位址的相關資訊,自動豐富 IP 位址。This includes IP addresses for identified cloud services, like Azure and Office 365, as well as the Threat intelligence feed that automatically enriches IP addresses with information about known risky IP addresses.

  • 當 Cloud App Security 嘗試在檔案上執行治理動作,但因為檔案已遭鎖定而失敗時,它現在將會自動重試治理動作。When Cloud App Security attempts to run a governance action on a file but fails because the file is locked, it will now automatically retry the governance action.

Cloud App Security 118 版Cloud App Security release 118

發行日期:2018 年 3 月 4 日Released March 4, 2018

  • 您現在可以在自己專屬的自訂應用程式上,利用 Microsoft Cloud App Security 的影子 IT 探索和監視功能。You can now take advantage of Microsoft Cloud App Security's shadow IT discovery and monitoring capabilities on your own proprietary custom apps. 將自訂應用程式新增到 Cloud Discovery 的新功能,可讓您監視應用程式使用方式,並在使用模式變更時收到警示。The new ability to add custom apps to Cloud Discovery enables you to monitor app usage and get alerted on changes in the usage pattern. 如需詳細資訊,請參閱保護您的自訂應用程式For more information, see Protecting your custom apps. 這項功能正逐步推出。This feature is being rolled out gradually.

  • Cloud App Security 入口網站的 [設定] 頁面已重新設計。The Cloud App Security portal Settings pages were redesigned. 新的設計會合併所有設定頁面、提供搜尋功能,以及改善的設計。The new design consolidates all the settings pages, provides search functionality, and an improved design.

  • Cloud Discovery 現在支援 Barracuda F 系列防火牆和 Barracuda F 系列防火牆 Web 記錄串流。Cloud Discovery now supports Barracuda F-Series Firewalls and Barracuda F-Series Firewall Web Log Streaming.

  • [使用者] 與 [IP 位址] 頁面中的搜尋功能現在可自動完成,讓您更輕鬆地找到正在尋找的內容。The search functionality in the User and IP address pages now enables auto complete to make it easier for you to find what you're looking for.

  • 您現在可以在 [排除實體] 和 [排除 IP 位址設定] 頁面中執行大量動作。You can now perform bulk actions in the Exclude entities and Exclude IP address settings pages. 這讓您能夠更輕鬆地選取多個使用者或 IP 位址,這樣一來,在組織中使用 Cloud Discovery 進行監視時,便可予以排除。This makes it easier for you to select multiple users or IP addresses and exclude them from being monitored as part of the Cloud Discovery in your organization.

Cloud App Security 版本 117Cloud App Security release 117

2018 年 2 月 20 日發行Released February 20, 2018

  • Cloud App Security 現在與 Azure 資訊保護深度整合,讓您得以保護 G Suite 中的檔案。Cloud App Security deepened integration with Azure Information Protection now enables you to protect files in G Suite. 此公用預覽功能可讓您掃描與分類 G Suite 中的檔案,並自動套用 Azure 資訊保護標籤以供保護。This public preview feature enables you to scan and classify files in G Suite, and automatically apply Azure Information protection labels for protection. 如需詳細資訊,請參閱 Azure 資訊保護整合For more information, see Azure Information Protection integration.

  • Cloud Discovery 現在支援 Digital Arts i-FILTER (英文)。Cloud Discovery now supports Digital Arts i-FILTER.

  • SIEM 代理程式資料表現在包含了更多詳細資料,以方便管理。The SIEM agents table now includes more detail for easier management.

Cloud App Security 116 版Cloud App Security release 116

發行日期:2018 年 2 月 4 日Released February 4, 2018

  • Cloud App Security 的異常偵測原則已利用新的案例型偵測來增強,包括不可能的移動、來自可疑 IP 位址的活動,以及多次失敗登入嘗試。Cloud App Security's anomaly detection policy was enhanced with new scenario-based detections including impossible travel, activity from a suspicious IP address, and multiple failed login attempts. 系統會自動啟用新的原則,並在您的雲端環境中提供現成可用的威脅偵測。The new policies are automatically enabled, providing out-of-the-box threat detection across your cloud environment. 此外,新的原則還會公開更多來自 Cloud App Security 偵測引擎的資料,以協助您加速調查程序,並遏制持續存在的威脅。In addition, the new policies expose more data from the Cloud App Security detection engine, to help you speed up the investigation process and contain ongoing threats. 如需詳細資訊,請參閱取得即時的行為分析和異常偵測For more information, see Get instantaneous behavioral analytics and anomaly detection.

  • 逐漸推出:Cloud App Security 現在可以跨 SaaS 應用程式來將使用者及其帳戶相互關聯。Gradual rollout: Cloud App Security now correlates between users and their accounts across SaaS apps. 這可讓您針對使用者,跨其所有不同的相互關聯 SaaS 應用程式,輕鬆地調查所有活動,而不論其使用的是哪一個應用程式或帳戶。This enables you to easily investigate all the activities for a user, across all their various correlated SaaS apps, no matter which app or account they used.

  • 逐漸推出:Cloud App Security 現在支援同一個已連線應用程式的多個執行個體。Gradual rollout: Cloud App Security now supports multiple instances of the same connected app. 例如,如果您具有多個 Salesforce 執行個體 (一個用於銷售,一個用於行銷),則您可以將其同時連線到 Cloud App Security,並從相同的主控台進行管理,以建立更細微的原則和更深入的調查。If you have multiple instances of, for example, Salesforce (one for sales, one for marketing) you will be able to connect them both to Cloud App Security and manage them from the same console to create granular policies and deeper investigation.

  • Cloud Discovery 剖析器現在支援兩個其他的檢查點格式:XML 和 KPC。The Cloud Discovery parsers now support two additional Checkpoint formats, XML, and KPC.

Cloud App Security 115 版Cloud App Security release 115

發行日期:2018 年 1 月 21 日Released January 21, 2018

  • 此版本提供在檔案原則中選取特定資料夾時的改善體驗。This release provides an improved experience when selecting specific folders in file policies. 您現在可以輕鬆地檢視及選取要包含於原則中的多個資料夾。You can now easily view and select multiple folders to include in a policy.
  • 在 [探索到的應用程式] 頁面中:In the Discovered apps page:
    • 大量標記功能可讓您套用自訂標籤 (除了獲批准和待批准的標籤以外)。The bulk tagging feature enables you to apply custom tags (in addition to sanctioned and unsanctioned tags).
    • 當您產生 IP 位址報告產生使用者報告時,匯出的報告現在包含流量是否來自獲批准或待批准應用程式的相關資訊。When you Generate an IP addresses report, or Generate a users report the exported reports now include the information about whether the traffic was from sanctioned or unsanctioned apps.
  • 您現在可以直接在入口網站中,從 [連線到應用程式] 頁面,向 Microsoft Cloud App Security 小組要求新的 API 應用程式連接器。You can now request a new API App connector from the Microsoft Cloud App Security team directly in the portal, from the Connect an app page.

Cloud App Security 114 版Cloud App Security release 114

發行日期:2018 年 1 月 7 日Released January 7, 2018

  • 從 114 版開始,我們正逐漸推出在 [活動記錄] 與 [探索到的應用程式] 頁面中建立和儲存自訂查詢的功能。Beginning in version 114, we are gradually rolling out the ability to create and save custom queries in the Activity log and Discovered apps pages. 自訂查詢讓您能夠建立可重複使用的篩選範本,以進行深入調查。Custom queries enable you to create filter templates that can be reused for deep-dive investigation. 此外,已新增 [建議的查詢],以提供現成的調查範本來篩選您的活動和探索到的應用程式。In addition, Suggested queries have been added to provide out-of-the-box investigation templates to filter your activities and discovered apps. 建議的查詢包含自訂篩選條件來識別風險,例如,模擬活動、管理員活動、具風險且不符合規範的雲端儲存體應用程式、具有弱式加密的企業應用程式,以及安全性風險。The Suggested queries include custom filters to identify risks such as impersonation activities, administrator activities, risky non-compliant cloud storage apps, enterprise apps with weak encryption, and security risks. 您可以使用建議的查詢作為起點,並視需要加以修改,然後將其儲存為新查詢。You can use the Suggested queries as a starting point, modify them as you see fit, and then save them as a new query. 如需詳細資訊,請參閱活動篩選與查詢探索到的應用程式篩選與查詢For more information, see Activity filters and queries and Discovered app filters and queries.

  • 您現在可以前往 status.cloudappsecurity.com,或直接從入口網站中按一下 [說明]>[系統狀態],來檢查目前的 Cloud App Security 服務狀態。You can now check the current Cloud App Security service status by going status.cloudappsecurity.com or directly from within the portal by clicking on Help>System status.

另請參閱See Also

如需此處所列版本之前的版本說明,請參閱 Microsoft Cloud App Security 的過去版本For a description of releases prior to those listed here, see Past releases of Microsoft Cloud App Security.

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.