{"id":16806,"date":"2026-06-12T03:01:17","date_gmt":"2026-06-11T18:01:17","guid":{"rendered":"https:\/\/m365jp.net\/?p=16806"},"modified":"2026-06-12T03:05:20","modified_gmt":"2026-06-11T18:05:20","slug":"mc1387572-microsoft-defender-for-cloud-apps-app-governance-expands-to-all-entra-service-principals","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-06-12-mc1387572-microsoft-defender-for-cloud-apps-app-governance-expands-to-all-entra-service-principals","title":{"rendered":"MC1387572 | Microsoft Defender for Cloud Apps: App governance expands to all Entra service principals"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC1387572 | Microsoft Defender for Cloud Apps: App governance expands to all Entra service principals<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>planForChange<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>06\/11\/2026 17:24:09<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>06\/11\/2026 17:23:53<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>08\/07\/2026 07:00:00<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>\n<p><b>[What and Why:]<\/b><\/p>\n<p>  We are expanding app governance in Microsoft Defender for Cloud Apps to include all Microsoft Entra service principals, not just those with API permissions. This enhancement improves visibility into non-human identities and strengthens your organization\u2019s security   posture. We are also starting to provide visibility into Entra Roles assigned to the service principals. Additionally, we are incorporating Entra role assignments into privilege classification, giving administrators a more accurate view of application risk   and strengthening security, governance, and compliance.<\/p>\n<p><b>[Rollout Schedule:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/p>\n<li>We will begin rolling out in <b>late June 2026<\/b> and expect to complete by <b>  early July 2026<\/b>.<\/li>\n<p>  <\/ul>\n<p><b>[Impact on Your Organization:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/ul>\n<p><b>Who is affected:<\/b> Security administrators, identity administrators, and SOC teams managing Microsoft Defender for Cloud Apps and Microsoft Entra ID.<\/p>\n<ul>  <\/ul>\n<p><b>Platforms\/Services:<\/b> Microsoft Defender for Cloud Apps, Microsoft Entra ID<\/p>\n<ul>  <\/ul>\n<p><b>What will happen:<\/b>  <\/p>\n<ul>\n<\/ul>\n<p>  <\/p>\n<ul>\n<li>All Entra service principals (excluding managed identities and Microsoft first-party apps) will now be visible in app governance.<\/li>\n<li>Privilege classification will consider both:\n<ul>\n<li>API permissions<\/li>\n<li>Entra role assignments<\/li>\n<\/ul>\n<\/li>\n<li>Apps will be classified as:\n<ul>\n<li>High privilege (high-risk API permissions or Entra roles)<\/li>\n<li>Medium privilege<\/li>\n<li>Low privilege<\/li>\n<\/ul>\n<\/li>\n<li>You may see a <b>significant increase in total apps<\/b> displayed.<\/li>\n<li>The number of <b>high-privilege apps may increase<\/b> due to role-based evaluation.<\/li>\n<li>Existing <b>custom policies will evaluate against a broader set of service principals<\/b>, potentially increasing alerts.<\/li>\n<li>The feature is <b>enabled by default <\/b>with no configuration required.<\/li>\n<\/ul>\n<ul>  <\/ul>\n<p><b>[Action Required \/ Recommendations:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/ul>\n<p>No action is required for the rollout. However, to prepare:<\/p>\n<ul>  <\/p>\n<li>Inform your SOC and security teams about:\n<ul>\n<li>Increased visibility of service principals<\/li>\n<li>Potential increase in alerts<\/li>\n<\/ul>\n<\/li>\n<li>Review and adjust custom app governance policies to:\n<ul>\n<li>Refine scope<\/li>\n<li>Reduce potential alert fatigue<\/li>\n<\/ul>\n<\/li>\n<li>Update internal monitoring and triage processes if needed.<\/li>\n<li>Review app privilege classifications to identify newly surfaced high-risk service principals.<\/li>\n<\/ul>\n<p><b>Learn more:&nbsp;<\/b><a href=\"https:\/\/learn.microsoft.com\/defender-cloud-apps\/app-governance-visibility-insights-overview\" target=\"_blank\">App governance visibility and insights &#8211; Microsoft Defender for Cloud Apps | Microsoft Learn<\/a>&nbsp;(will be updated before   rollout)<\/p>\n<p><b>[Compliance considerations:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/p>\n<li>Admins gain expanded monitoring and reporting visibility across all service principals.<\/li>\n<p>  <\/ul>\n<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td>\n<p><b>[\u4f55\u3068\u306a\u305c:]<\/b><\/p>\n<p>Microsoft Defender for Cloud Apps\u3067\u306f\u3001API\u6a29\u9650\u3092\u6301\u3064\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u3060\u3051\u3067\u306a\u304f\u3001\u3059\u3079\u3066\u306eMicrosoft Entra\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u3092\u542b\u3080\u3088\u3046\u306b\u30a2\u30d7\u30ea\u30ac\u30d0\u30ca\u30f3\u30b9\u3092\u62e1\u5927\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u5f37\u5316\u306b\u3088\u308a\u3001\u975e\u4eba\u9593\u306e\u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u3078\u306e\u53ef\u8996\u6027\u304c\u5411\u4e0a\u3057\u3001\u7d44\u7e54\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f53\u5236\u304c\u5f37\u5316\u3055\u308c\u307e\u3059\u3002\u307e\u305f\u3001\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u306b\u5272\u308a\u5f53\u3066\u3089\u308c\u305fEntra\u30ed\u30fc\u30eb\u306e\u53ef\u8996\u5316\u3082\u958b\u59cb\u3057\u3066\u3044\u307e\u3059\u3002\u3055\u3089\u306b\u3001Entra\u306e\u5f79\u5272\u5272\u308a\u5f53\u3066\u3092\u6a29\u9650\u5206\u985e\u306b\u7d44\u307f\u8fbc\u3080\u3053\u3068\u3067\u3001\u7ba1\u7406\u8005\u304c\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30ea\u30b9\u30af\u3092\u3088\u308a\u6b63\u78ba\u306b\u628a\u63e1\u3067\u304d\u308b\u3088\u3046\u306b\u3057\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3001\u30ac\u30d0\u30ca\u30f3\u30b9\u3001\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u3092\u5f37\u5316\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p><b>[\u5c55\u958b\u30b9\u30b1\u30b8\u30e5\u30fc\u30eb:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/p>\n<li><b>2026\u5e746\u6708\u4e0b\u65ec<\/b>\u306b\u5c55\u958b\u3092\u958b\u59cb\u3057\u3001<b>2026\u5e747\u6708\u521d\u65ec<\/b>\u307e\u3067\u306b\u5b8c\u4e86\u3059\u308b\u4e88\u5b9a\u3067\u3059\u3002<\/li>\n<p>  <\/ul>\n<p><b>[\u7d44\u7e54\u3078\u306e\u5f71\u97ff:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/ul>\n<p><b>\u5f71\u97ff\u3092\u53d7\u3051\u308b\u4eba\u7269:<\/b> \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u7ba1\u7406\u8005\u3001\u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u7ba1\u7406\u8005\u3001Microsoft Defender for Cloud Apps \u304a\u3088\u3073 Microsoft Entra ID \u3092\u7ba1\u7406\u3059\u308b SOC \u30c1\u30fc\u30e0\u3067\u3059\u3002<\/p>\n<ul>  <\/ul>\n<p><b>\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\/\u30b5\u30fc\u30d3\u30b9:<\/b> Microsoft Defender for Cloud Apps, Microsoft Entra ID<\/p>\n<ul>  <\/ul>\n<p><b>\u4eca\u5f8c\u306e\u5c55\u958b:<\/b>  <\/p>\n<ul>\n<\/ul>\n<p>  <\/p>\n<ul>\n<li>\u7ba1\u7406\u578bID\u3084Microsoft\u306e\u30d5\u30a1\u30fc\u30b9\u30c8\u30d1\u30fc\u30c6\u30a3\u30a2\u30d7\u30ea\u3092\u9664\u304f\u3059\u3079\u3066\u306eEntra\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u304c\u30a2\u30d7\u30ea\u30ac\u30d0\u30ca\u30f3\u30b9\u3067\u78ba\u8a8d\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/li>\n<li>\u7279\u6a29\u5206\u985e\u3067\u306f\u4ee5\u4e0b\u306e\u4e21\u65b9\u3092\u8003\u616e\u3057\u307e\u3059:\n<ul>\n<li>API\u6a29\u9650<\/li>\n<li>\u30a8\u30f3\u30c8\u30e9\u306e\u5f79\u5272\u5272\u308a\u5f53\u3066<\/li>\n<\/ul>\n<\/li>\n<li>\u30a2\u30d7\u30ea\u306f\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u5206\u985e\u3055\u308c\u307e\u3059:\n<ul>\n<li>\u9ad8\u7279\u6a29(\u9ad8\u30ea\u30b9\u30afAPI\u6a29\u9650\u3084Entra\u30ed\u30fc\u30eb)<\/li>\n<li>\u30e1\u30c7\u30a3\u30a2\u7279\u6a29<\/li>\n<li>\u4f4e\u7279\u6a29<\/li>\n<\/ul>\n<\/li>\n<li>\u8868\u793a\u3055\u308c\u308b <b>\u30a2\u30d7\u30ea\u6570\u304c\u5927\u5e45\u306b\u5897\u52a0<\/b> \u3059\u308b\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<\/li>\n<li>\u5f79\u5272\u30d9\u30fc\u30b9\u306e\u8a55\u4fa1\u306b\u3088\u308a\u3001 <b>\u9ad8\u7279\u6a29\u30a2\u30d7\u30ea\u306e\u6570\u306f\u5897\u52a0\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059<\/b> \u3002<\/li>\n<li>\u65e2\u5b58\u306e <b>\u30ab\u30b9\u30bf\u30e0\u30dd\u30ea\u30b7\u30fc\u306f\u3001\u3088\u308a\u5e83\u7bc4\u306a\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u3068\u6bd4\u8f03\u3057\u3066\u8a55\u4fa1\u3055\u308c<\/b>\u3001\u30a2\u30e9\u30fc\u30c8\u6570\u304c\u5897\u52a0\u3059\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002<\/li>\n<li>\u3053\u306e\u6a5f\u80fd\u306f <b>\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u6709\u52b9\u5316 <\/b>\u3055\u308c\u3066\u304a\u308a\u3001\u8a2d\u5b9a\u306f\u4e0d\u8981\u3067\u3059\u3002<\/li>\n<\/ul>\n<ul>  <\/ul>\n<p><b>[\u884c\u52d5\u304c\u5fc5\u8981\/\u63a8\u5968\u4e8b\u9805:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/ul>\n<p>\u5c55\u958b\u306b\u306f\u4f55\u306e\u30a2\u30af\u30b7\u30e7\u30f3\u3082\u5fc5\u8981\u3042\u308a\u307e\u305b\u3093\u3002\u3057\u304b\u3057\u3001\u6e96\u5099\u306e\u305f\u3081\u306b:<\/p>\n<ul>  <\/p>\n<li>SOC\u304a\u3088\u3073\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c1\u30fc\u30e0\u306b\u4ee5\u4e0b\u306e\u4e8b\u9805\u3092\u4f1d\u3048\u3066\u304f\u3060\u3055\u3044:\n<ul>\n<li>\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u306e\u53ef\u8996\u6027\u5411\u4e0a<\/li>\n<li>\u30a2\u30e9\u30fc\u30c8\u306e\u5897\u52a0\u306e\u53ef\u80fd\u6027<\/li>\n<\/ul>\n<\/li>\n<li>\u30ab\u30b9\u30bf\u30e0\u30a2\u30d7\u30ea\u30ac\u30d0\u30ca\u30f3\u30b9\u30dd\u30ea\u30b7\u30fc\u3092\u898b\u76f4\u3057\u3001\u8abf\u6574\u3059\u308b:\n<ul>\n<li>\u30ea\u30d5\u30a1\u30a4\u30f3\u30b9\u30b3\u30fc\u30d7<\/li>\n<li>\u6f5c\u5728\u7684\u306a\u8b66\u6212\u75b2\u52b4\u306e\u8efd\u6e1b<\/li>\n<\/ul>\n<\/li>\n<li>\u5fc5\u8981\u306b\u5fdc\u3058\u3066\u5185\u90e8\u76e3\u8996\u3084\u30c8\u30ea\u30a2\u30fc\u30b8\u306e\u30d7\u30ed\u30bb\u30b9\u3092\u66f4\u65b0\u3057\u307e\u3057\u3087\u3046\u3002<\/li>\n<li>\u30a2\u30d7\u30ea\u7279\u6a29\u306e\u5206\u985e\u3092\u78ba\u8a8d\u3057\u3001\u65b0\u305f\u306b\u6d6e\u4e0a\u3057\u305f\u9ad8\u30ea\u30b9\u30af\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u3092\u7279\u5b9a\u3057\u307e\u3057\u3087\u3046\u3002<\/li>\n<\/ul>\n<p><b>\u8a73\u3057\u304f\u306f\u3053\u3061\u3089:&nbsp;<\/b><a href=\"https:\/\/learn.microsoft.com\/defender-cloud-apps\/app-governance-visibility-insights-overview\" target=\"_blank\">App Governance\u306e\u53ef\u8996\u6027\u3068\u30a4\u30f3\u30b5\u30a4\u30c8 &#8211; Microsoft Defender for Cloud Apps |Microsoft Learn<\/a>&nbsp;(\u5c55\u958b\u524d\u306b\u66f4\u65b0\u4e88\u5b9a)<\/p>\n<p><b>[\u30b3\u30f3\u30d7\u30e9\u30a4\u30a2\u30f3\u30b9\u4e0a\u306e\u8003\u616e\u4e8b\u9805:]<\/b><\/p>\n<p>  <\/p>\n<ul>  <\/p>\n<li>\u7ba1\u7406\u8005\u306f\u3059\u3079\u3066\u306e\u30b5\u30fc\u30d3\u30b9\u30d7\u30ea\u30f3\u30b7\u30d1\u30eb\u306b\u304a\u3051\u308b\u76e3\u8996\u3068\u5831\u544a\u306e\u53ef\u8996\u6027\u3092\u62e1\u5927\u3057\u307e\u3059\u3002<\/li>\n<p>  <\/ul>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC1387572 | Microsoft Defender for Cloud Apps: App governance expands to all Entra service principals Classifi [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-16806","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/16806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=16806"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/16806\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=16806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=16806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=16806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}