| title | description | ms.date | ms.topic |
|---|---|---|---|
Turn on and manage SaaS security posture management (SSPM) - Microsoft Defender for Cloud Apps |
Learn how to get security configuration recommendations in Defender for Cloud Apps for your organization's SaaS applications. |
01/18/2024 |
how-to |
Your SaaS application environments may be configured in a risky posture. Microsoft Defender for Cloud Apps provides you with risk security configuration assessments for your SaaS applications to help you prevent possible risks. These recommendations are shown via Microsoft Secure Score once you have a connector to an application. For example:
-
Your organization must have Microsoft Defender for Cloud Apps licenses.
-
Your app must be connected to Defender for Cloud Apps. For more information, see:
This procedure describes how to ensure that your connector is set to show data in Microsoft Secure Score for SaaS app security posture management.
-
In Microsoft Defender XDR, select Settings > Cloud Apps > Connected apps > App Connectors.
-
Use the filter to locate the app where you want to turn on Secure Score recommendations.
-
Open the instance drawer and note whether Secure Score recommendations are turned on or off. For example, the following screenshot shows that Secure Score recommendations are turned on for Okta Contoso EU instance:
:::image type="content" source="media/security-saas-secure-score-main-instance-drawer.png" alt-text="Screenshot of an instance where Secure Score recommendations are turned on." lightbox="media/security-saas-secure-score-main-instance-drawer.png":::
If the instance is currently set to Off, select the ... options menu and then select Turn on Secure Score recommendations. For example:
:::image type="content" source="media/security-saas-choose-secure-score-main-instance.png" alt-text="Screenshot of the Turn on Secure Score recommendations option." lightbox="media/security-saas-choose-secure-score-main-instance.png":::
[!NOTE] In case you have multiple instances of the same app, you can send security recommendations for each instance separately. Security recommendations for the selected instance are added to your Secure Score and impact your Secure Score rating.
Security recommendations are shown automatically in Microsoft Secure Score. Recommendations are based on Microsoft benchmarks, and may take up to 24 hours to update.
In Microsoft Secure Score, filter the Recommended actions tab by product to view any recommended actions. If you have multiple instances of an app, you can select to filter recommendations from specific instances only. For example:
:::image type="content" source="media/secure-score-filter.png" alt-text="Screenshot of a Secure Score filter showing multiple instances of an app.":::
Select a recommendation and then select the Implementation tab in the details pane for a step-by-step remediation guide.
For more information, see Assess your security posture with Microsoft Secure Score.
[!div class="nextstepaction"] Control cloud apps with policies
[!INCLUDE Open support ticket]