Commit 50cbbaf

Merge branch 'main' into patch-3
2 parents 439185c + fc5f7a0 commit 50cbbaf

6 files changed, +28 -15 lines changed

CloudAppSecurityDocs/app-governance-app-policies-create.md

Lines changed: 5 additions & 5 deletions
@@ -99,7 +99,7 @@ Use a custom app policy when you need to do something not already done by one of
9999
> [!NOTE]
100100
> Some policy conditions are only applicable to apps that access Graph API permissions. When evaluating apps that access only non-Graph APIs, app governance skips these policy conditions and proceed to check only other policy conditions.
101101
102-
5. Here are the available conditions for a custom app policy:
102+
1. Here are the available conditions for a custom app policy:
103103

104104
|Condition|Condition values accepted|Description|More information|
105105
|---|---|---|---|
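Review bot: The renumbered step at line 102 now reads `1.` while the next step of the same procedure is still written `6.` (line 130), so the source numbering jumps from 1 to 6. If the intent is to switch to all-`1.` auto-numbering, renumber the following steps as well; otherwise keep `5.` here. Check the rendered page too: if the `[!NOTE]` block just above is not indented under the previous step, it ends that list and a literal `1.` restarts the count at 1.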
@@ -123,9 +123,9 @@ Use a custom app policy when you need to do something not already done by one of
123123
|**Sensitivity labels accessed**|Select one or more sensitivity labels from the list|Apps that accessed data with specific sensitivity labels in the last 30 days.||
124124
|**Services accessed** (Graph only)|Exchange and/or OneDrive and/or SharePoint and/or Teams|Apps that have accessed OneDrive, SharePoint, or Exchange Online using Microsoft Graph and EWS APIs|Multiple selections allowed.|
125125
|**Error rate** (Graph only)|Error rate is greater than X% in the last seven days|Apps whose Graph API error rates in the last seven days are greater than a specified percentage||
126-
|**App origin** (Preview)|External or Internal|Apps that originated within the tenant or registered in an external tenant||
127-
128-
All of the specified conditions must be met for this app policy to generate an alert.
126+
|**App origin**|External or Internal|Apps that originated within the tenant or registered in an external tenant||
127+
128+
All of the specified conditions must be met for this app policy to generate an alert.
129129

130130
6. When you're done specifying the conditions, select **Save**, and then select **Next**.
131131
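Review bot: Lines 127 and 128 are removed and re-added with no visible text change, so this hunk carries whitespace-only edits alongside its one real change (dropping "(Preview)" from **App origin** at line 126). Confirm that "All of the specified conditions must be met for this app policy to generate an alert." is still indented so that it renders inside the step's list item, or drop the whitespace edits from the commit. Separately, in the context row above, **Services accessed** accepts Teams as a value but its description names only OneDrive, SharePoint, and Exchange Online; worth aligning while this table is being touched.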

@@ -166,7 +166,7 @@ Policies for OAuth apps trigger alerts only on policies that are authorized by u
166166
1. Go to **Microsoft Defender XDR > App governance > Policies > Other apps**. For example:
167167

168168
![Other apps-policy creation](media/app-governance-app-policies-create/other-apps-policy-creation.jpg)
169-
169+
170170
2. Filter the apps according to your needs. For example, you might want to view all apps that request **Permission** to **Modify calendars in your mailbox**.
171171

172172
> [!TIP]

CloudAppSecurityDocs/app-governance-get-started.md

Lines changed: 2 additions & 1 deletion
@@ -21,7 +21,8 @@ Before you start, verify that you satisfy the following prerequisites:
2121

2222
- You must have [one of the appropriate roles](#roles) to turn on app governance and access it.
2323

24-
- Your organization's billing address must be in a region **other than** Brazil, Singapore, Latin America, South Korea, Switzerland, Norway, South Africa, Sweden, or United Arab Emirates.
24+
25+
- Your organization's billing address must be in a region **other than** Brazil, Singapore, Latin America, South Korea, Switzerland, Norway, Poland, Italy, Qatar, Israel, Spain, Mexico, South Africa, Sweden, or United Arab Emirates.
2526

2627
## Turn on app governance
2728
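Review bot: The expanded exclusion list at line 25 names Brazil and Mexico individually and also lists "Latin America", which leaves it unclear whether the region entry is meant to cover more countries than the two named. State either the region or the individual countries, and consider alphabetical order now that the list has 15 entries, so an admin checking prerequisites can find their billing region quickly. Line 24 also adds a second empty line before the bullet that is not needed.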

CloudAppSecurityDocs/app-governance-visibility-insights-get-started.md

Lines changed: 3 additions & 3 deletions
@@ -45,7 +45,7 @@ One of the primary value points for app governance is the ability to quickly vie
4545

4646
- **Privilege level**
4747

48-
- **Permission** (Preview)
48+
- **Permission**
4949

5050
- **Permission usage**
5151
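Review bot: The filter is listed as **Permission** at line 48, but the release-notes entry added in this same commit calls it the *Permissions* filter. Use one name in both places, matching the label shown in the portal.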

@@ -56,8 +56,8 @@ One of the primary value points for app governance is the ability to quickly vie
5656
- **Publisher verified**
5757

5858
Use one of the following nondefault filters to further customize the apps listed:
59-
60-
- **Last modified**
59+
60+
- **Last modified**
6161

6262
- **Added on**
6363

CloudAppSecurityDocs/app-governance-visibility-insights-view-apps.md

Lines changed: 5 additions & 5 deletions
@@ -31,7 +31,7 @@ On the **Microsoft 365** tab, the apps in your tenant are listed with the follow
3131
| **App status** | Shows whether the app is enabled or disabled, and if disabled by whom |
3232
| **Graph API access**| Shows whether the app has at least one Graph API permission |
3333
| **Permission type**| Shows whether the app has application (app only), delegated, or mixed permissions |
34-
| **App origin** (Preview)| Shows whether the app originated within the tenant or was registered in an external tenant |
34+
| **App origin**| Shows whether the app originated within the tenant or was registered in an external tenant |
3535
| **Consent type**| Shows whether the app consent has been given at the user or the admin level, and the number of users whose data is accessible to the app |
3636
| **Publisher**| Publisher of the app and their verification status |
3737
| **Last modified**| Date and time when registration information was last updated on Microsoft Entra ID |
@@ -69,10 +69,10 @@ In the details pane, select any of the following tabs to view more details:
6969

7070
- Select the **Users** tab to see a list of users who are using the app, whether they're a priority account, and the amount of data downloaded and uploaded. For example:
7171

72-
:::image type="content" source="media/app-governance-visibility-insights-view-apps/users.png" alt-text="Screenshot of the Users tab.":::
73-
74-
If an app is *admin consented*, the **Total consented users** are all users in the tenant.
75-
72+
![Screenshot 2025-02-24 005703](media/app-governance-visibility-insights-view-apps/screenshot-2025-02-24-005703.png)
73+
74+
If an app is *admin consented*, the **Total consented users** are all users in the tenant.
75+
7676
- Select the **Permissions** tab to see a summary and list of the Graph API and legacy permissions granted to the app, consent type, privilege level and whether they are in use. For example:
7777

7878
:::image type="content" source="media/app-governance-visibility-insights-view-apps/permissions.png" alt-text="Screenshot of the Permissions tab.":::
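Review bot: The replacement image at line 72 loses the descriptive alt text ("Screenshot of the Users tab.") and uses an auto-generated name, `Screenshot 2025-02-24 005703`, as both the alt text and the file name. Keep the `:::image type="content" ... :::` form used for the Permissions tab image a few lines below, give it meaningful alt-text, and rename the file to describe its content. Also confirm that the new screenshot does not show real tenant user names, since the Users tab lists individual users and their upload and download volumes.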

CloudAppSecurityDocs/release-notes.md

Lines changed: 13 additions & 1 deletion
@@ -21,14 +21,26 @@ For news about earlier releases, see [Archive of past updates for Microsoft Defe
2121

2222
## February 2025
2323

24+
### Enhanced Visibility into OAuth Apps Connected to Microsoft 365 - General Availability
25+
26+
Defender for Cloud Apps users who use app governance will be able to gain visibility into the origin of OAuth apps connected to Microsoft 365. You can filter and monitor apps that have external origins, to proactively review such apps and improve the security posture of the organization.
27+
28+
The new *Permissions* filter and export capabilities allows you to quickly identify apps with specific permissions to access Microsoft 365.
29+
30+
You can now get granular insights into data accessed by apps using legacy EWS API alongside Microsoft Graph. The enhanced coverage of data usage insights will enable you to get deeper visibility into apps accessing emails using legacy EWS API.
31+
32+
We are also expanding the coverage of privilege level feature for all popular Microsoft first-party API permissions. The enhanced coverage of privilege level classification will enable you to view and monitor apps with powerful permissions into legacy and other non-Graph APIs that have access to Microsoft 365.
33+
34+
For more information, see [detailed insights into OAuth apps](/defender-cloud-apps/app-governance-visibility-insights-view-apps#getting-detailed-information-on-an-app).
35+
2436
### Enhanced alert source accuracy
2537

2638
Microsoft Defender for Cloud Apps is enhancing its alert sources to deliver more precise information. This update, applicable to new alerts only, will be reflected across various experiences and APIs, including the Defender XDR portal, Advanced hunting, and Graph API.
2739
The goal is to improve the accuracy of alert origins, facilitating better identification, management, and response to alerts.
2840

2941
To learn more about the different alert sources in Defender XDR see the _Alert sources_ section of [Investigate alerts in Microsoft Defender XDR - Microsoft Defender XDR | Microsoft Learn](/defender-xdr/investigate-alerts?tabs=settings)
3042

31-
To learn more about the Graph API alert resource: [alert resource type - Microsoft Graph v1.0 | Microsoft Learn](/graph/api/resources/security-alert?view=graph-rest-1.0)
43+
To learn more about the Graph API alert resource: [alert resource type - Microsoft Graph v1.0 | Microsoft Learn](/graph/api/resources/security-alert?view=graph-rest-1.0&preserve-view=true)
3244

3345
### Network requirement updates
3446
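Review bot: In the new February 2025 entry, line 28 has a subject-verb mismatch: "The new *Permissions* filter and export capabilities allows" should read "allow". The heading at line 24 is in title case while the neighbouring heading "Enhanced alert source accuracy" uses sentence case, and line 26 describes a generally available feature in the future tense ("will be able to gain visibility"); present tense would match the GA status. Line 32 also reads awkwardly ("coverage of privilege level feature", "powerful permissions into legacy and other non-Graph APIs"); something like "coverage of the privilege level feature" and "powerful permissions for legacy and other non-Graph APIs" would be clearer.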
