Skip to content

Microsoft CASB

Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytical insight to identify and combat threats across all your cloud services.

Data Types

  • MICROSOFT_CASB

Configuration

Option One

  1. Deploy a Microsoft-provided Java program into the environment that will pull logs from Microsoft CASB using a "Generic SIEM Integration". See Microsoft documentation here.

  2. The Java program will push the logs to the CYDERES API via the CYCLOPS forwarder running in the environment. See CYCLOPS installation instructions found here.

  3. CYDRERES will provide a port number.

  4. Create firewall rules to allow HTTPS traffic to and from the Microsoft CASB to the server hosting the Java program.

Option Two

  1. Create a Microsoft CASB API token and provide to CYDERES. See Microsoft documentation here.

  2. CYDERES will deploy a cloud-based collector and provide the connection information.

  3. Configure Microsoft CASB to push logs to the CYDERES collector.