MC783218 – (Updated) Cloud Discovery anomaly detection policy to be retired (archived)

check before: 2024-06-01

Product: Defender, Defender for Cloud Apps

Platform: World tenant, Online

Change type: Admin impact, Retirement, Updated message, User impact

Summary:
Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late September 2024. Affected users should switch to "App discovery policy" and set filters as needed.

Details:
Updated August 15, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.

After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July).

Created: 2024-04-23

Updated: 2024-08-16

Direct effects for Operations**

Loss of Anomaly Detection Alerts
Retirement of the 'Cloud Discovery anomaly detection' policy will lead to the absence of alerts for potential security anomalies, increasing the risk of undetected security threats.
  - impacted roles: SOC Administrators, Security Analysts
  - references: https://aka.ms/cloud-discovery-anomaly-doc

Increased Manual Monitoring
With the removal of automated anomaly detection, SOC teams will need to increase manual monitoring efforts, potentially leading to oversight and delayed responses to security incidents.
  - impacted roles: SOC Administrators, Security Analysts
  - references: https://aka.ms/cloud-discovery-anomaly-doc

User Experience Degradation
Users may experience a decline in security assurance and trust in the system as alerts for anomalies are no longer generated, potentially leading to increased anxiety regarding data security.
  - impacted roles: End Users, IT Support Staff
  - references: https://aka.ms/cloud-discovery-anomaly-doc

Need for Policy Transition
Organizations will need to transition to the 'App discovery policy', which may require additional training and adjustment time for SOC teams, leading to temporary inefficiencies.
  - impacted roles: SOC Administrators, Security Analysts
  - references: https://aka.ms/cloud-discovery-anomaly-doc

Potential Increase in False Negatives
The shift to 'App discovery policy' may not effectively capture all anomalies, leading to a potential increase in false negatives and undetected security issues.
  - impacted roles: SOC Administrators, Security Analysts
  - references: https://aka.ms/cloud-discovery-anomaly-doc

** AI generated content. This information must be reviewed before use.

change history

Date: 2024-08-16
Property: MC Last Updated
old: 06/19/2024 20:35:06
new: 2024-08-16T01:40:05Z

Date: 2024-08-16
Property: MC Messages
old:
Updated June 19, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.

After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late July 2024.
new:
Updated August 15, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.

After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July).

Date: 2024-08-16
Property: MC End Time
old: 09/02/2024 09:00:00
new: 2024-11-11T08:00:00Z

Date: 2024-08-16
Property: MC Summary
old: Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed.
new: Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late September 2024. Affected users should switch to "App discovery policy" and set filters as needed.

Date: 2024-06-20
Property: MC Messages
old:
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.

After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in early June 2024 and expect to complete by late July 2024.
new:
Updated June 19, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Cloud Discovery anomaly detection" policy support from Microsoft Defender for Cloud Apps between June and July 2024.

After careful analysis and consideration, we have decided to retire it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
[When this will happen:]
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late July 2024.

Date: 2024-06-20
Property: MC Title
old: Cloud Discovery anomaly detection policy to be retired
new: (Updated) Cloud Discovery anomaly detection policy to be retired

Date: 2024-06-20
Property: MC Last Updated
old: 04/22/2024 23:55:43
new: 2024-06-19T20:35:06Z

Date: 2024-06-20
Property: MC MessageTagNames
old: User impact, Admin impact, Retirement
new: Updated message, User impact, Admin impact, Retirement

Date: 2024-06-20
Property: MC Summary
old: Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins early June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed.
new: Microsoft is retiring the "Cloud Discovery anomaly detection" policy from Defender for Cloud Apps due to high false positives. Rollout begins late June 2024 and ends late July 2024. Affected users should switch to "App discovery policy" and set filters as needed.
