Overview
Microsoft Defender for Cloud Apps (formerly Cloud App Security) is a multimode cloud access security broker (CASB) that provides visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all Microsoft cloud services. Blumira integrates with Microsoft Defender for Cloud Apps to stream Microsoft cloud security event logs and alerts to the Blumira service for threat detection and actionable response.
Before you begin
To gather your Cloud Apps token and URL, do the following:
- Log in to https://security.microsoft.com.
- Navigate to Settings.
- Click Cloud Apps.
- Click API Tokens.
- Click + to add a new token.
- Enter a name, such as “Blumira Cloud Connector.”
- Copy the token and the URL for use in the Blumira Cloud Connector.
Configuring the MS Cloud Apps Cloud Connector
Cloud Connectors automate the configuration of your integrations without requiring you to use a sensor. After you obtain your integration's configuration parameters, you can then enable Blumira to collect your logs.
To configure the Blumira Cloud Connector:
- In the Blumira app, navigate to Settings > Cloud Connectors.
- Click + Add Cloud Connector.
- In the Available Cloud Connectors window, click the connector you want to add.
- In the Cloud Connector Name box, type a name to help identify the specific integration.
- Enter the credentials that you collected in the previous steps.
- Click Connect.