SOLVED

What happen on files detected with Malware in Cloud App Security?

%3CLINGO-SUB%20id%3D%22lingo-sub-1432653%22%20slang%3D%22en-US%22%3EWhat%20happen%20on%20files%20detected%20with%20Malware%20in%20Cloud%20App%20Security%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1432653%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Community%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20is%20the%20action%20of%20CAS%20once%20file%20was%20detected%20with%20Malware%3F%20We%20have%20enabled%20the%20Malware%20detection%20policy%20and%20there%20are%20files%20matched%20the%20policy%20but%20what%20is%20the%20action%20here%20in%20CAS%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHope%20someone%20could%20help%20me%20on%20this.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1432653%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMalware%20Detection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1433976%22%20slang%3D%22en-US%22%3ERe%3A%20What%20happen%20on%20files%20detected%20with%20Malware%20in%20Cloud%20App%20Security%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1433976%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F342175%22%20target%3D%22_blank%22%3E%40Mary_Yvette%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHi%2C%20in%20checking%20this%2C%20it%20appears%20that%20the%20Malware%20detection%20policy%20in%20MCAS%20is%20set%20as%20an%20alert%20only%20policy%20and%20does%20not%20as%20yet%20have%20the%20ability%20to%20apply%20any%20actions%20to%20M365%20locations.%20%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20of%20course%20configure%20Anti-malware%20settings%20within%20the%20Security%20and%20Compliance%20Center%2C%20but%20this%20only%20relates%20to%20emails.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Screenshot%202020-06-02%20at%2018.07.34.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F195952iAA95F874C31B8F52%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20title%3D%22Screenshot%202020-06-02%20at%2018.07.34.png%22%20alt%3D%22Screenshot%202020-06-02%20at%2018.07.34.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1435130%22%20slang%3D%22en-US%22%3ERe%3A%20What%20happen%20on%20files%20detected%20with%20Malware%20in%20Cloud%20App%20Security%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1435130%22%20slang%3D%22en-US%22%3EThank%20you!%3C%2FLINGO-BODY%3E
Contributor

Hi Community,

 

What is the action of CAS once file was detected with Malware? We have enabled the Malware detection policy and there are files matched the policy in OneDrive and SharePoint Online but what is the action here in CAS?

 

Hope someone could help me on this.

 

Thank you!

2 Replies
best response confirmed by Mary_Yvette (Contributor)
Solution

@Mary_Yvette 

 

Hi, in checking this, it appears that the Malware detection policy in MCAS is set as an alert only policy and does not as yet have the ability to apply any actions to M365 locations.  

 

You can of course configure Anti-malware settings within the Security and Compliance Center, but this only relates to emails.

 

Screenshot 2020-06-02 at 18.07.34.png

www.000webhost.com