Microsoft Cloud App Security

Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that supports various deployment modes including log collection, API connectors, and reverse proxy.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Users

Parameters

1. Portal URL (required) - The hostname or IP address of the Microsoft Cloud App Security server that Axonius can communicate with via the Required Ports. Refer to Cloud App Security REST API for details.
2. Authentication Method - Select the Authentication Method, either 'Token' or 'OAuth2'. If you choose Token, then 'Token' is displayed. If you choose 'OAuth2', 'Client ID', 'Client Secret', 'Tenant ID' and 'Application ID' are displayed.
3. Token (required) - This option is available when you choose 'Token' as the 'Authentication Method'. A Token associated with a user account that has permissions to fetch assets. Refer to API Tokens for details.
4. OAuth2 Options: The following options are displayed when you choose 'OAuth2' as the 'Authentication Method'. To use them you need to register the application, as explained in Access with application context.
   1. Client ID and Client Secret - Provided after registering the Application.
   2. Tenant ID - Provided by Microsoft.
   3. Application ID - Provided after registering the Application.
5. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Portal URL. For more details, see SSL Trust & CA Settings.
   • When enabled, the SSL certificate offered by the value supplied in Portal URL is verified against the CA database inside of Axonius. When the SSL certificate can not be validated against the CA database inside Axonius, the connection fails with an error.
   • When disabled, the SSL certificate offered by the value supplied in Portal URL is not verified against the CA database inside Axonius.
6. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Portal URL.
   • When supplied, Axonius uses the proxy when connecting to the value supplied in Portal URL.
   • When not supplied, Axonius connects directly to the value supplied in Portal URL.
7. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Portal URL via the value supplied in HTTPS Proxy.
   • When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
   • When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
8. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the value supplied in Portal URL via the value supplied in HTTPS Proxy.
   • When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
   • When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
9. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

APIs

Axonius uses the Microsoft List - Entities API.

Refer to Connecting to Cloud App Security API to learn how to generate a token.

Required Ports

Axonius must be able to communicate with the value supplied in Portal URL via the following ports:

• TCP port 443

Required Permissions

The value supplied in Token must be associated with credentials that have permissions to fetch assets.

Supported From Version

Supported from Axonius version 4.4