check before: 2024-06-01
Product:
Defender, Defender for Cloud Apps
Platform:
World tenant, Online
Status:
Change type:
Admin impact, Retirement, Updated message, User impact
Links:
Details:
Summary:
Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late September 2024. Affected users should switch to "App discovery policy" and set filters as needed.
Details:
Updated August 15, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.
After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July).
Release Phase:
Created:
2024-04-23
updated:
2024-08-16
Direct effects for Operations**
Loss of Anomaly Detection Alerts
Retirement of the 'Cloud Discovery anomaly detection' policy will lead to the absence of alerts for potential security anomalies, increasing the risk of undetected security threats.
- impacted roles: SOC Administrators, Security Analysts
- references: https://aka.ms/cloud-discovery-anomaly-doc
Increased Manual Monitoring
With the removal of automated anomaly detection, SOC teams will need to increase manual monitoring efforts, potentially leading to oversight and delayed responses to security incidents.
- impacted roles: SOC Administrators, Security Analysts
- references: https://aka.ms/cloud-discovery-anomaly-doc
User Experience Degradation
Users may experience a decline in security assurance and trust in the system as alerts for anomalies are no longer generated, potentially leading to increased anxiety regarding data security.
- impacted roles: End Users, IT Support Staff
- references: https://aka.ms/cloud-discovery-anomaly-doc
Need for Policy Transition
Organizations will need to transition to the 'App discovery policy', which may require additional training and adjustment time for SOC teams, leading to temporary inefficiencies.
- impacted roles: SOC Administrators, Security Analysts
- references: https://aka.ms/cloud-discovery-anomaly-doc
Potential Increase in False Negatives
The shift to 'App discovery policy' may not effectively capture all anomalies, leading to a potential increase in false negatives and undetected security issues.
- impacted roles: SOC Administrators, Security Analysts
- references: https://aka.ms/cloud-discovery-anomaly-doc
** AI generated content. This information must be reviewed before use.
change history
Date | Property | old | new |
2024-08-16 | MC Last Updated | 06/19/2024 20:35:06 | 2024-08-16T01:40:05Z |
2024-08-16 | MC Messages | Updated June 19, 2024: We have updated the rollout timeline below. Thank you for your patience. We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024. After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations. [When this will happen:] We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late July 2024. | Updated August 15, 2024: We have updated the rollout timeline below. Thank you for your patience. We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024. After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations. [When this will happen:] We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July). |
2024-08-16 | MC End Time | 09/02/2024 09:00:00 | 2024-11-11T08:00:00Z |
2024-08-16 | MC Summary | Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed. | Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late September 2024. Affected users should switch to "App discovery policy" and set filters as needed. |
2024-06-20 | MC Messages | We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024. After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations. [When this will happen:] We will begin rolling this out in early June 2024 and expect to complete by late July 2024. | Updated June 19, 2024: We have updated the rollout timeline below. Thank you for your patience. We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024. After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations. [When this will happen:] We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late July 2024. |
2024-06-20 | MC Title | Cloud Discovery anomaly detection policy to be retired | (Updated) Cloud Discovery anomaly detection policy to be retired |
2024-06-20 | MC Last Updated | 04/22/2024 23:55:43 | 2024-06-19T20:35:06Z |
2024-06-20 | MC MessageTagNames | User impact, Admin impact, Retirement | Updated message, User impact, Admin impact, Retirement |
2024-06-20 | MC Summary | Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins early June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed. | Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed. |