Merge pull request #4455 from anandd512/docs-editor/release-notes-1730791406

Update release-notes.md

Author: v-dirichards

CloudAppSecurityDocs/app-governance-app-policies-create.md

@@ -7,7 +7,7 @@ description: Get started learning about app governance policies with Microsoft D
 
 # Get started with app policies
 
-Policies for app governance are a way to implement proactive and reactive alerts and automatic remediation for your specific needs for app compliance in your organization. You can create policies in app governance to manage OAuth apps in Microsoft Entra ID, Google and Salesforce.
+Policies for app governance are a way to implement proactive and reactive alerts and automatic remediation for your specific needs for app compliance in your organization. You can create policies in app governance to manage OAuth apps in Microsoft 365, Google and Salesforce.
 
 There are two types of policies in app governance:
 

CloudAppSecurityDocs/app-governance-app-policies-get-started.md

@@ -7,14 +7,14 @@ description: Manage your app governance policies.
 
 # Manage app policies
 
-Use app governance to manage OAuth policies for Microsoft Entra ID, Google Workspace, and Salesforce.
+Use app governance to manage OAuth policies for Microsoft 365, Google Workspace, and Salesforce.
 
 You might need to manage your app policies as follows to keep up-to-date with your organization's apps, respond to new app-based attacks, and for ongoing changes to your app compliance needs:
 
 - Create new policies targeted at new apps
 - Change the status of an existing policy (active, inactive, audit mode)
 - Change the conditions of an existing policy
-- Change the actions of an existing policy for autoremediation of alerts
+- Change the actions of an existing policy for auto-remediation of alerts
 
 <a name='manage-oauth-app-policies-for-azure-ad'></a>
 

CloudAppSecurityDocs/app-governance-app-policies-manage.md

@@ -19,41 +19,41 @@ The **Overview** page shows the following details:
 For example:
 
 > [!div class="mx-imgBorder"]
->![Relative number of detected and policy-based incidents.](incidents-summary1.png)
->
+> ![Relative number of detected and policy-based incidents.](incidents-summary1.png)
+> 
 > [!div class="mx-imgBorder"]
->![top alerts.](media/app-governance-visibility-insights-compliance-posture/top-alerts.png)
+> ![top alerts.](media/app-governance-visibility-insights-compliance-posture/top-alerts.png)
 
 ## Data usage cards
 
 Data usage cards show the following types of information:
 
-- **Total data accessed by apps** in the tenant through Graph API over the current month and previous three calendar months. (Currently includes emails, files, and chat and channel messages read and written by apps that access Microsoft 365 using Graph API)
+- **Total data accessed by apps** in the tenant through Microsoft Graph and EWS APIs over the current month and previous three calendar months. (Currently includes emails, files, and chat and channel messages read and written by apps that access Microsoft 365 using Microsoft Graph and EWS APIs)
 
-- **Data usage over the current month and previous three calendar months**, broken down by resource type. (Currently includes emails, files, and chat and channel messages read and written by apps that access Microsoft 365 using Graph API)
+- **Data usage over the current month and previous three calendar months**, broken down by resource type. (Currently includes emails, files, and chat and channel messages read and written by apps that access Microsoft 365 using Microsoft Graph and EWS APIs)
 
 For example:
 
 > [!div class="mx-imgBorder"]
->![Total data accessed by apps.](media/app-governance-visibility-insights-compliance-posture/data-usage-chart.png)
+> ![Total data accessed by apps.](media/app-governance-visibility-insights-compliance-posture/data-usage-chart.png)
 
 ## Apps that access data on Microsoft 365
 
-For apps that access data on Microsoft 365, cards show the number of apps that have accessed data on SharePoint, OneDrive, Exchange Online, or Teams in the last 30 days
+For apps that access data on Microsoft 365, cards show the number of apps that have accessed data on SharePoint, OneDrive, Exchange Online, or Teams using Microsoft Graph and EWS APIs in the last 30 days.
 
 For example:
 
 > [!div class="mx-imgBorder"]
->![Apps that have accessed data on SharePoint, OneDrive, Exchange Online, or Teams in the last 30 days.](media/app-governance-visibility-insights-compliance-posture/apps-accessed-m365-services-chart.png)
+> ![Apps that have accessed data on SharePoint, OneDrive, Exchange Online, or Teams in the last 30 days.](media/app-governance-visibility-insights-compliance-posture/apps-accessed-m365-services-chart.png)
 
 ## Sensitivity labels accessed
 
-For sensitivity labeling data, cards show the number apps that have accessed content with sensitivity labels on SharePoint, OneDrive, Exchange Online or Teams in the last 30 days.
+For sensitivity labeling data, cards show the number apps that have accessed content with sensitivity labels on SharePoint, OneDrive, Exchange Online or Teams using Microsoft Graph and EWS APIs in the last 30 days.
 
 For example:
 
 > [!div class="mx-imgBorder"]
->![number apps that have accessed content with sensitivity labels.](sensitive-data-accessed-chart1.png)
+> ![number apps that have accessed content with sensitivity labels.](sensitive-data-accessed-chart1.png)
 
 ## Next steps
 

CloudAppSecurityDocs/app-governance-visibility-insights-compliance-posture.md

@@ -38,32 +38,48 @@ One of the primary value points for app governance is the ability to quickly vie
 1. On the **App governance** page, select one of the apps tabs to display your apps.
 
     The apps listed depend on the apps present in your tenant.
-
+   
 1. Filter the apps listed using one or more of the following default filter options:
 
-    - **API access**
-    - **Privilege level**
-    - **Permission usage**
-    - **Permission type**
-    - **Publisher verified**
-
+   - **API access**
+      
+   - **Privilege level**
+      
+   - **Permission** (Preview)
+      
+   - **Permission usage**
+      
+   - **App origin**
+      
+   - **Permission type**
+      
+   - **Publisher verified**
+      
     Use one of the following nondefault filters to further customize the apps listed:
-
-    - **Last modified**
-    - **Added on**
-    - **Certification**
-    - **Users**
-    - **Services accessed**
-    - **Data usage**
-    - **Sensitivity labels accessed**
-
-    > [!TIP]
-    > Save the query to save the currently selected filters for use again in the future.
-
+   
+   - **Last modified**
+      
+   - **Added on**
+      
+   - **Certification**
+      
+   - **Users**
+      
+   - **Services accessed**
+      
+   - **Data usage**
+      
+   - **Sensitivity labels accessed**
+   
+     > [!TIP]
+     > Save the query to save the currently selected filters for use again in the future.
+     
 1. Select the name of an app to view more details. For example:
 
-    :::image type="content" source="media/app-governance-visibility-insights-get-started/image2.png" alt-text="Screenshot of an app details pane showing an app summary.":::
-
+   ![Screenshot of an app details pane showing an app summary.](media/app-governance-visibility-insights-get-started/app-governance-app-list-view.png)
+   
+   
+   
 The details pane lists the app usage over the past 30 days, the users who have consented to the app, and the permissions assigned to the app. 
 
 For example, an administrator might review the activity and permissions of an app that is generating alerts and make a decision to disable the app using the **Disable App** button towards the bottom of the app details pane.

CloudAppSecurityDocs/app-governance-visibility-insights-get-started.md

@@ -17,21 +17,21 @@ For a summary of apps in your tenant, in Microsoft 365, go to **Cloud app > App
 
 For example:
 
-:::image type="content" source="media/app-governance-visibility-insights-view-apps/appg-cc-apps.png" alt-text="Screenshot of the Azure AD apps tab on the App governance page.":::
-
+:::image type="content" source="media/app-governance-visibility-insights-view-apps/app-governance-app-list-view-new.png" alt-text="Screenshot of the Azure AD apps tab on the App governance page.":::
 
 >[!NOTE]
 > Your sign-in account must have one of [these roles](app-governance-get-started.md#roles) to view any app governance data.
 >
 
-On the **Azure AD apps** tab, the apps in your tenant are listed with the following details:
+On the **Microsoft 365** tab, the apps in your tenant are listed with the following details:
 
 |Column name  |Description  |
 |---------|---------|
-|**App name** | The display name of the app as registered on Microsoft Entra ID |
-|**App status** | Shows whether the app is enabled or disabled, and if disabled by whom |
+| **App name** | The display name of the app as registered on Microsoft Entra ID |
+| **App status** | Shows whether the app is enabled or disabled, and if disabled by whom |
 | **Graph API access**| Shows whether the app has at least one Graph API permission |
 | **Permission type**| Shows whether the app has application (app only), delegated, or mixed permissions |
+| **App origin** (Preview)| Shows whether the app originated within the tenant or was registered in an external tenant |
 | **Consent type**| Shows whether the app consent has been given at the user or the admin level, and the number of users whose data is accessible to the app |
 | **Publisher**| Publisher of the app and their verification status |
 | **Last modified**| Date and time when registration information was last updated on Microsoft Entra ID |
@@ -55,13 +55,13 @@ You can also select **Search** to search for an app by name.
 
 Select a specific app in the grid to view more details on an apps details pane on the right. For example:
 
-:::image type="content" source="media/app-governance-visibility-insights-view-apps/image2.png" alt-text="Screenshot of an app details pane on the Azure AD tab.":::
+:::image type="content" source="media/app-governance-visibility-insights-view-apps/app-governance-app-list-view.png" alt-text="Screenshot of an app details pane on the Azure AD tab.":::
 
-The **Summary** tab also shows more data about the app, such as the date first consented and the App ID. To see the properties of the app as registered in Microsoft Entra ID, select **View app in Azure AD**.
+The **Summary** tab also shows more data about the app, such as the date first consented and the App ID. To see the properties of the app as registered in Microsoft Entra ID, select **View in Microsoft Entra ID**.
 
 In the details pane, select any of the following tabs to view more details:
 
-- Select the **Data usage** tab to view a graph of data usage over time, for Exchange, SharePoint, OneDrive, and Teams resources. For example:
+- Select the **Data usage** tab to view a graph of data usage over time, for Exchange, SharePoint, OneDrive, and Teams resources via Microsoft Graph and EWS APIs. For example:
 
     :::image type="content" source="media/app-governance-visibility-insights-view-apps/data-usage.png" alt-text="Screenshot of the Data usage tab.":::
 
@@ -73,7 +73,7 @@ In the details pane, select any of the following tabs to view more details:
 
     If an app is *admin consented*, the **Total consented users** are all users in the tenant.
 
-- Select the **Permissions** tab to see a summary and list of the Graph API and legacy permissions granted to the app, consent type, and whether they are in use. For example:
+- Select the **Permissions** tab to see a summary and list of the Graph API and legacy permissions granted to the app, consent type, privilege level and whether they are in use. For example:
 
     :::image type="content" source="media/app-governance-visibility-insights-view-apps/permissions.png" alt-text="Screenshot of the Permissions tab.":::
 

CloudAppSecurityDocs/app-governance-visibility-insights-view-apps.md

@@ -19,6 +19,32 @@ For more information on what's new with other Microsoft Defender security produc
 
 For news about earlier releases, see [Archive of past updates for Microsoft Defender for Cloud Apps](release-note-archive.md).
 
+## November 2024
+
+### Visibility into app origin (Preview)
+
+Defender for Cloud Apps users who use app governance will be able to gain visibility into the origin of OAuth apps connected to Microsoft 365. You can filter and monitor apps that have external origins, to proactively review such apps and improve the security posture of the organization.
+
+For more information, see [detailed insights into OAuth apps](/defender-cloud-apps/app-governance-visibility-insights-view-apps#getting-detailed-information-on-an-app).
+
+### Permissions filter and export capabilities (Preview)
+
+Defender for Cloud Apps users who use app governance can utilize the new *Permissions* filter and export capabilities to quickly identify apps with specific permissions to access Microsoft 365. 
+
+For more information, see [filters on app governance](/defender-cloud-apps/app-governance-visibility-insights-get-started#view-app-insights).
+
+### Visibility into privilege level for popular Microsoft first-party APIs (Preview)
+
+Defender for Cloud Apps users who use app governance can now gain visibility into privilege level for all popular Microsoft first-party API permissions. The enhanced coverage of privilege level classification will enable you to view and monitor apps with powerful permissions into legacy and other non-Graph APIs that have access to Microsoft 365. 
+
+For more information, see [OAuth app permission related details on app governance](/defender-cloud-apps/app-governance-visibility-insights-view-apps#getting-detailed-information-on-an-app).
+
+### Granular data usage insights into EWS API access (Preview)
+
+Defender for Cloud Apps users who use app governance can now get granular insights into data accessed by apps using legacy EWS API alongside Microsoft Graph. The enhanced coverage of data usage insights will enable you to get deeper visibility into apps accessing emails using legacy EWS API.
+
+For more information, see [OAuth app data usage insights on app governance](/defender-cloud-apps/app-governance-visibility-insights-view-apps#getting-detailed-information-on-an-app).
+
 ## October 2024
 ### Internal Session Controls application notice
  The Enterprise application “Microsoft Defender for Cloud Apps – Session Controls” is used internally by the Conditional Access App Control service.  
@@ -57,7 +83,7 @@ Administrators who understand the power of Edge in-browser protection, can now r
 A primary reason is security, since the barrier to circumventing session controls using Edge is much higher than with reverse proxy technology.
 
 For more information see: 
-[Enforce Edge in-browser protection when accessing business apps](https://learn.microsoft.com/defender-cloud-apps/in-browser-protection#enforce-edge-in-browser-when-accessing-business-apps)
+[Enforce Edge in-browser protection when accessing business apps](in-browser-protection.md#enforce-edge-in-browser-when-accessing-business-apps)
 
 ### Connect Mural to Defender for Cloud Apps (Preview)