Microsoft is working to improve SaaS security, shifting to “to a comprehensive SaaS security solution.”

Software as a service is an increasingly important part of the remote and hybrid workplace, and is only growing in popularity. Unfortunately, properly securing SaaS applications can be a logistical nightmare. In fact, citing research from Better Cloud, Microsoft points to the 59% of security professionals that struggle to manage SaaS security.

Microsoft believes the key lies in protecting data within cloud apps, rather than just focusing on cloud access security. The company has expanded the scope of its Defender for Cloud Apps to help provide that layer of security.

Today, we are excited to announce that Defender for Cloud Apps is extending its SSPM capabilities to some of the most critical apps organizations use today, including Microsoft 365, Salesforce,3 ServiceNow,4 Okta,5 GitHub, and more.

Another important component of Defender for Cloud Apps is the ability to help personnel research configuration best practices for SaaS app security.

To streamline this process, Defender for Cloud Apps launched SSPM in June 2022 to surface misconfigurations and provide recommendations to strengthen an app’s posture.

In preview starting today, Defender for Cloud Apps now provides security posture management for Microsoft 365, Salesforce, ServiceNow, Okta, GitHub, and more. Not only are we expanding the breadth of app coverage but also the depth of assessments and capabilities for each application.

The tight integration within Microsoft 365 Defender will give organizations security across the full scope of their operations.

That’s why Defender for Cloud Apps is natively integrated into Microsoft 365 Defender. The XDR technology correlates signals from the Microsoft Defender suite across endpoints, identities, email, and SaaS apps to provide incident-level detection, investigation, and powerful response capabilities like automatic attack disruption. The integration of SaaS security into an XDR experience gives SOC teams full kill chain visibility and improves operational efficiency with better prioritization and shorter response times to ultimately protect the organization more effectively.