Views:
The following new features are available in Cloud App Security.

New Features in This Release (Available on January 8, 2024)

Feature
Description
Update of Cloud App Security to Cloud Email and Collaboration Protection in Trend Vision One
To have centralized visibility and management of your email solutions in a single console, you are able to update your standalone Cloud App Security to Cloud Email and Collaboration Protection in Trend Vision One. Cloud Email and Collaboration Protection is part of the Trend Vision One Email and Collaboration Security solution. This solution allows you to have comprehensive email and collaboration protection without switching consoles, offering Email Sensor, Clou Email and Collaboration Protection, and Cloud Email Gateway Protection in one package in Trend Vision One.
File blocking bypass based on domains
For email services, Cloud App Security allows you to specify domains in addition to email addresses in the Approved Sender List for the File Blocking filter. Emails from all the senders in the specified domains will skip the File Blocking checks.
Moreover, you can use the wildcard character (*) to represent any characters when specifying an email address or a domain in the approved list.
Official launch of new management console
Cloud App Security officially launches the new management console, design to provide you a modern and improved experience. The existing console is still available for you to access.
More file format supported for URL extraction from QR codes
For Exchange Online, Exchange Online (Inline Mode), Gmail, and Gmail (Inline Mode), Cloud App Security supports extracting URLs from QR codes in WEBP files in addition to QR codes in JPG, PNG, BMP, TIFF, and GIF files.
Approval of end user reported emails (preview)
In the new management console, Cloud App Security allows you to control whether the reported emails need approval before they can be sent to Trend Micro for analysis.

New Features Available on November 26, 2023

Feature
Description
Quarantined email preview for Gmail
For Gmail and Gmail (Inline Mode), Cloud App Security allows you to preview quarantined emails in the management console. This helps administrators determine further actions to take without downloading the emails.
Web Reputation bypass based on domains
For email services, Cloud App Security allows you to specify domains in addition to email addresses in the Approved Sender List for the Web Reputation filter. Emails from all the senders in the specified domains will skip the Web Reputation checks.
Moreover, you can use the wildcard character (*) to represent any characters when specifying an email address or a domain in the approved list.
Visibility into end user reported emails (preview)
In the new management console, Cloud App Security allows you to view both a summary and the details of emails that are reported by your end users through the add-in for Outlook.
Provisioning and policy configuration for storage services in new console (preview)
In the new management console, Cloud App Security supports provisioning service accounts and configuring policies for Box, Dropbox, and Google Drive.
Administration in new console (preview)
In the new management console, Cloud App Security supports performing administrative tasks. Currently available tasks are organization management, service account management, and Outlook add-in management.

New Features Available on October 29, 2023

Feature
Description
Quarantined emails from Exchange Online (Inline Mode) to be managed by end users
In addition to the emails quarantined by API-based Protection for Exchange Online, Cloud App Security allows your end users to manage the emails quarantined by Inline Protection for Exchange Online.
Virtual Analyzer bypass based on domains
For email services, Cloud App Security allows you to specify domains in addition to email addresses in the Approved Sender List for the Virtual Analyzer filter. Emails from all the senders in the specified domains will skip the Virtual Analyzer checks.
Moreover, you can use the wildcard character (*) to represent any characters when specifying an email address or a domain in the approved list.
Protection for shared drives in Google Drive
Cloud App Security can protect the files in the shared drives of Google Drive in addition to files in users' My Drive.
URL extraction enhancement for Gmail
For incoming messages in Gmail and Gmail (Inline Mode), Cloud App Security expands the scope of URL extraction to get URLs from the following content for scanning:
  • QR codes
  • Dynamic HTML pages
Provisioning and policy configuration for more services in new console
In addition to Exchange Online and Exchange Online (Inline Mode), the new management console of Cloud App Security supports provisioning service accounts and configuring policies for other Office 365 services including Microsoft Teams, Teams Chat, OneDrive, and SharePoint Online.
Moreover, you can now configure policies for Gmail (Inline Mode) in the new console.

New Features Available on September 24, 2023

Feature
Description
Detection of emails with unusual signals
For Exchange Online, Cloud App Security provides you aggressive detection capabilities to identify and take action on emails that show any unusual signal indicating possible threats. Examples of unusual signals include anomalous brand behavior, URL similar to a known malicious link, and unfamiliar sender discussing payment related issue.
Easily accessible entry to the new console
Cloud App Security provides a “New Console” button at the upper right of the existing console for you to easily access the new console offering you a modern and improved experience.
Inline Protection for Gmail outbound messages (preview)
In addition to Gmail inbound messages, Cloud App Security provides Inline Protection for Gmail outbound messages. This protection mode scans outbound messages for threats and data leakage before they are delivered to external destinations.
Policy configuration for more services in new console (preview)
Besides Exchange Online, Cloud App Security allows you to configure and manage Advanced Threat Protection and Data Loss Prevention policies and global settings for Gmail and Exchange Online (Inline Mode) in the new management console. In addition, more global settings can be configured in the new console.
Provisioning for services in new console (preview)
In the new management console, Cloud App Security supports provisioning services accounts for Exchange Online, Exchange Online (Inline Mode), Gmail, and Gmail (Inline Mode).

New Features Available on August 27, 2023

Feature
Description
Notification of invalid Microsoft Teams / Teams Chat tokens
Cloud App Security displays a banner and sends email notifications to you when your token for the Microsoft Teams or Teams Chat service account becomes invalid, allowing you to update the token in time to have continued protection.
Suspicious Object List supported for Teams Chat, Box, Dropbox, and Google Drive
Cloud App Security can leverage the Suspicious Object List to scan for suspicious files and URLs in Teams Chat, Box, Dropbox, and Google Drive and take actions accordingly.
URL extraction enhancement
For incoming messages in Exchange Online and Exchange Online (Inline Mode), Cloud App Security expands the scope of URL extraction to get URLs from the following content for scanning:
  • QR codes
  • Dynamic HTML pages
Quarantine management in new console (preview)
In its new management console, Cloud App Security allows you to manage quarantined items, including viewing, deleting, restoring, and downloading the items.
Policy configuration in new console (preview)
In its new management console, Cloud App Security allows you to configure and manage policies and related global settings for protecting your services.
In this release, you can only manage Advanced Threat Protection policies and global settings for Exchange Online.

New Features Available on July 30, 2023

Feature
Description
Official release of quarantine management and email reporting by end users
Cloud App Security officially launches the Outlook add-in to allow your users to view and take action on their quarantined emails in Exchange Online. You can control the management scope and permissions that end users can have.
The add-in also enables your users to report Exchange Online emails to Trend Micro as false positives and false negatives to help improve threat detection.
MIP-encrypted file scanning for Teams Chat
Cloud App Security supports decrypting the files sent in Microsoft Teams chat messages that are encrypted by Microsoft Information Protection. With this feature enabled, Cloud App Security can detect possible security risks in MIP-encrypted files.
Enhanced wildcard support for specifying items to approve or block in policy filters
Cloud App Security supports more flexible usage of the wildcard character (*) for specifying the following items to approve or block in policy filters:
  • Domains or individual email addresses in the approved/blocked sender lists of the Advanced Spam Protection filter
  • Files in the approved file list of the Virtual Analyzer filter
Notification of invalid SharePoint/OneDrive tokens
Cloud App Security displays a banner and sends email notifications to you when your token for the SharePoint or OneDrive service account becomes invalid, allowing you to update the token in time to have continued protection.

New Features Available on July 2, 2023

Feature
Description
Suspicious sender detection based on newly observed email addresses
For Exchange Online, Cloud App Security supports detecting an external sender as suspicious when the sender has not sent any email in at least the past 30 days. Newly observed addresses might be a sign of a threat as they are often used by malicious actors to launch attacks.
Quarantined email preview
For Exchange Online and Exchange Online (Inline Mode), Cloud App Security allows administrators to preview quarantined emails in the management console and end users to preview their quarantined emails in the Cloud App Security add-in for Outlook. This helps administrators and end users determine further actions to take without downloading the emails.
Inline Protection for Gmail inbound messages (preview)
For Gmail, Cloud App Security provides Inline Protection to scan inbound emails before they reach their destinations, with no MX record change required. This protection mode blocks threats before they can reach your users' mailboxes.
"Risky User Detection" dashboard in new console (preview)
In the new management console, Cloud App Security provides a dashboard tab for a centralized view of risky users in your organization, including top users distributing or receiving malicious content, top users triggering high-risk events, and the overall user risk trends.

New Features Available on May 28, 2023

Feature
Description
Additional File Blocking objectives for incoming messages
For Gmail or Exchange Online, instead of applying the same File Blocking objectives to all messages, Cloud App Security allows you to add blocking objectives specifically for incoming messages in addition to the objectives to block for all messages.
"Add disclaimer" action for emails from suspicious senders
For Exchange Online, Cloud App Security allows you to apply a disclaimer to emails that are sent from suspicious senders, who are external users but have display names matching High Profile Users in your organization.
Log enhancements in new console (preview)
In the new console, Cloud App Security allows you to download the Virtual Analyzer report from log records and adds more links in dashboard widgets to drill down to related log details.

New Features Available on April 23, 2023

Feature
Description
Sensitivity label-based protection for Exchange Online
Cloud App Security allows you to apply Data Loss Prevention to your Exchange Online service based on the Microsoft Information Protection sensitivity labels on the emails.
File blocking bypass based on domains
For Gmail, Exchange Online, and Exchange Online (Inline Mode), Cloud App Security allows you to specify domains in addition to email addresses in the Approved Sender List for the File Blocking filter. Emails from all the senders in the specified domains skip the File Blocking checks.
Virtual Analyzer bypass for files in storage services
In addition to Gmail and Office 365 services, Cloud App Security allows you to specify a list of files to skip Virtual Analyzer checks for storage services including Box, Dropbox, and Google Drive.
Log volume visualization and query history in new console (preview)
In the new management console, Cloud App Security provides a chart showing the volume of logs over a chosen time period, enabling you to easily view the log volume trends and quickly identify spikes. Moreover, Cloud App Security allows you to view recent log query conditions and results.
Drill-down from the dashboard to logs in new console (preview)
In the new management console, Cloud App Security allows you to drill down from the statistics in dashboard widgets to related log details for further investigation.

New Features Available on March 26, 2023

Feature
Description
PingOne supported for Single Sign-On
Cloud App Security allows you to use PingOne as the identity provider for single sign-on to the Cloud App Security management console.
Changing recipient supported under Inline Protection
For Exchange Online (Inline Mode), Cloud App Security provides you the option to change the recipient of emails matching DLP policies. This action redirects the emails to your specified email addresses instead of the original recipient.
MIP-encrypted outbound emails supported under Inline Protection
For Exchange Online (Inline Mode), Cloud App Security supports scanning and taking action on MIP-encrypted outbound emails before they are delivered to external destinations.
Enhanced provisioning for Inline Protection
To ensure that Inline Protection works properly for your organization, Cloud App Security automatically configures the allow entries for spoofed senders in the Tenant Allow/Block List and IP Allow List in connection filtering in your Exchange Online service during the provisioning. This saves you the trouble of manually configuring the addresses of Cloud App Security MTAs in these allow lists.
If you have already provisioned for Exchange Online (Inline Mode), Cloud App Security automatically adds the configurations to the allow lists.
Log query in new console (preview)
In the new console, Cloud App Security allows you to query log information to view threat detections, email tracking, activity auditing and more.

New Features Available on February 26, 2023

Feature
Description
Google Workspace accounts for single sign-on
Cloud App Security allows you to use Google Workspace as the identity provider for single sign-on to the Cloud App Security management console.
Configuration for attachment password guessing
Instead of providing the attachment password guessing feature with zero configuration, Cloud App Security now gives you the flexibility to configure the feature to meet your requirements. Attachment password guessing attempts to find passwords in Exchange Online and Gmail email content to access password-protected attachments for scanning.
You can control whether to enable this feature. Moreover, in addition to the built-in rules, you can add custom rules that instruct Cloud App Security on how to extract passwords to access the files. Customized rules increase the chance of finding the correct passwords.
Sensitivity label-based data loss prevention
In addition to using compliance templates to prevent data leakage, Cloud App Security allows you to protect your organization's digital assets by using the sensitivity labels of Microsoft Information Protection.
File protection for the team folder in Dropbox team space
In addition to the files in users' folders, Cloud App Security provides advanced threat and data protection for files stored in the team folders of Dropbox team space.

New Features in Available on January 10, 2023

Feature
Description
Official release of Inline Protection for Exchange Online
Cloud App Security officially supports Inline Protection for Exchange Online. Inline Protection routes email traffic to Cloud App Security for security scanning and protective actions before the emails reach their destinations, without requiring you to change MX records. This solution enables you to block threats before they can reach your users' mailbox and prevent data leakage before it actually takes place.
To add the capabilities of Inline Protection, you need to purchase an add-on license. If you have already provisioned for Exchange Online (Inline Mode), Trend Micro extends Inline Protection for your Exchange Online service until March 31, 2023. After the specified date, an add-on license is required for continued Inline Protection.
Annual report in the new console (preview)
In the new management console, Cloud App Security allows you to generate an annual report for 2022 to have a summary of the threat detection in your services over the past year.

New Features Available on December 11, 2022

Feature
Description
Quarantine management and email reporting by end users (preview)
For Exchange Online, Cloud App Security provides an Outlook add-in to allow your users to view and take action on their quarantined emails. You will be able to control the management scope and permissions that end users can have.
The add-in also enables your users to report Exchange Online emails to Trend Micro as false positives and false negatives to help improve threat detection.
Custom reporting with a new template in the new console (preview)
In the new management console, Cloud App Security allows you to generate customizable reports using a new template. This template summarizes threat detection in your services by threat type, with trend graphs and top lists provided.
When creating reports, you can specify the data to include, the reporting period, the schedule, and other settings. In addition to daily, weekly, and monthly reports already available, you will be able to generate an annual report after 2022.
Enhancements on Inline Protection for Exchange Online (preview)
Cloud App Security supports Trust Scan and the "Add disclaimer" action for Exchange Online (Inline Mode).
Trust Scan applies when you have provisioned for both Exchange Online and Exchange Online (Inline Mode), and provides you the option to skip rescanning the messages arriving at the mailboxes with a security filter if the messages have been scanned by the same filter of Inline Protection.
Feedback for dashboard and Inline Protection
In order to improve its features and provide your better services, the Cloud App Security management console provides the "Give Feedback" buttons and surveys for you to share how you think of the dashboard and the Inline Protection feature. Your feedback and suggestions are valued and appreciated.

New Features Available on November 6, 2022

Feature
Description
Conditional access for risky users
Through integration with Conditional Access in Microsoft Entra ID, Cloud App Security allows you to control risky users' access to resources by configuring conditional access policies on the management console.
Simplified permission grant for SharePoint Online, OneDrive, and Exchange Online
During the service account provisioning, access toke recreation, and Authorized Account migration for SharePoint Online, OneDrive, and Exchange Online, Cloud App Security allows you to grant required permissions in one step instead of multiple steps.

New Features Available on September 25, 2022

Feature
Description
Inline protection enhancement (preview)
Cloud App Security allows you to provision only once to have inline protection for Exchange Online in both the inbound and outbound directions. If you have already provisioned inbound or outbound protection, Cloud App Security recommends that you optimize your provisioning for protection in both directions.
Inbound protection now supports Time-of-Click Protection and Writing Style Analysis for BEC.
Outbound protection now supports not only DLP policies but also ATP policies.
Configuration health evaluation (preview)
In its new console, Cloud App Security assesses your policy configurations and provides you suggestions for optimum protection. This allows you to quickly identify missing configurations and leverage Cloud App Security protection to the maximum for different cloud services.
This release launches the Threat Protection widget to show whether you have enabled features for optimized protection against various types of threats.
Suspicious sender detection
Cloud App Security provides an aggressive mode of protection based on the High Profile Users list. This feature enables you to control whether to directly take action on Exchange Online messages from external senders when their display names match the High Profile Users list.

New Features Available on August 28, 2022

Feature
Description
Teams Chat provisioning with your own app
As Microsoft's licensing models for Teams APIs impose usage restrictions and licensing requirements on API calls, Cloud App Security provides a way to provision Teams Chat with your own app created in Microsoft Entra ID and select an applicable licensing model. Continued protection with your app may require that you pay Microsoft additional fees for API calls. Learn more
Quarantine and DLP policy for Exchange Online (Inline Mode)
Cloud App Security supports DLP policies for the inbound protection of Exchange Online in inline mode. The quarantine feature is available for both the ATP and DLP policies in inbound protection.
Manual scan scope down to minute for Google Drive and Gmail
Cloud App Security allows you to set a time range specific to minute when specifying the scope of Google Drive files or Gmail messages for manual scanning.
Access token revalidation for Teams Chat
Cloud App Security provides you an option to recreate an access token for the Teams Chat service account when the current access token becomes invalid.

New Features Available on July 24, 2022

Feature
Description
Migration from RMS account to MIP account
Cloud App Security supports migrating from an RMS account to a MIP account. In addition to scanning encrypted files, a MIP account allows Cloud App Security to apply sensitivity labels on files and scan encrypted Exchange Online messages.
Simplified MIP Account Provisioning
During MIP account provisioning, Cloud App Security allows you to grant all required permissions in one step instead of multiple steps.
Access token revalidation for SharePoint Online and OneDrive
Cloud App Security provides you an option to recreate an access token for the SharePoint Online or OneDrive service account when the current access token becomes invalid.
Manual scan scope down to minute for Box and Dropbox
Cloud App Security allows you to set a time range specific to minute when specifying the scope of Box or Dropbox files for manual scanning.
Official release of protection over MIP-encrypted email messages
By integrating with Microsoft Information Protection (MIP), Cloud App Security can decrypt MIP-encrypted Exchange Online messages for scanning.

New Features Available on June 26, 2022

Feature
Description
Inbound protection for Exchange Online in inline mode (preview)
In addition to outbound protection, Cloud App Security supports inbound protection for Exchange Online in inline mode. This enhancement allows Cloud App Security to scan email messages in real time for potential threats before they can reach the mailboxes of protected users.
New Internal User Risk Analytics widgets based on risk event data
Cloud App Security provides the following widgets that show risk information about Office 365 users: At-Risk User Trends, Top 5 Users with High Risk Events, and Top 5 High Risk Events. The new widgets allow administrators to gain insights into the risk trends and affected users in their organizations based on risk event data aggregated from Trend Vision One and Microsoft Identity Protection.
Retro scan supported in the Advanced Spam Protection filter
Cloud App Security provides an option to rescan historical email messages and take remediation actions using the latest pattern files and machine learning technologies. This helps administrators identify and stop previously unknown or undetected threats in messages, such as spam, phishing, and malware.
Box access token validity check
Cloud App Security monitors the access token of your Box service account and notifies the administrator when the access token becomes invalid.
Brazilian Portuguese supported by writing style analysis
In addition to the already supported nine languages, Cloud App Security leverages the further optimized Writing Style DNA technology to protect email messages written in or containing the following language: Brazilian Portuguese.

New Features Available on May 15, 2022

Feature
Description
Manual scan scope specific to minute for Microsoft Teams/SharePoint Online/OneDrive
Cloud App Security allows administrators to set a time range down to minute when specifying the manual scanning scope for files in Microsoft Teams (Teams), SharePoint Online, and OneDrive.
Approved sender list for file blocking in the Gmail service
For the Gmail service, Cloud App Security allows administrators to configure the approved sender list to exclude specific senders from file blocking scanning in Advanced Threat Protection policy configuration.
Protection over MIP-encrypted email attachments (preview)
Cloud App Security can decrypt MIP-encrypted attachments in Exchange Online messages for scanning.
"Pass without logging" action supported for unscannable files in more services in the Malware Scanning filter
Cloud App Security allows specifying the "Pass without logging" action for unscannable files in SharePoint Online, OneDrive, Microsoft Teams (Teams and Chat), Box, Dropbox, Google Drive, and Salesforce in the Malware Scanning filter in ATP policies. This action does not record security scan logs in Cloud App Security.
Official release of the Gmail message quarantine feature
Cloud App Security officially supports the quarantine action for Gmail messages with dedicated quarantine mailboxes.
Official release of migration to Authorized Account for OneDrive and SharePoint Online
Cloud App Security officially supports users who are still using a Delegate Account to migrate to use an access token for protection of their OneDrive and SharePoint Online services.

New Features Available on March 27, 2022

Feature
Description
MIP-encrypted email protection (preview)
By integrating with Microsoft Information Protection, Cloud App Security can decrypt MIP-encrypted Exchange Online email messages for scanning.
New console (preview)
Cloud App Security provides a revamped management console to enhance user experience. The initial release provides the Dashboard screen.
New widgets for Internal User Risk Analytics
Cloud App Security provides the Top 5 Malicious Email Recipients widget and Top 5 Spam Recipients widget for administrators to identify the most targeted users in the organization.
Manual scan scope down to minute for Exchange Online
Cloud App Security allows administrators to set a time range specific to minute when specifying the scope of Exchange Online emails for manual scanning.
Virtual Analyzer report retrieval through API
Cloud App Security enhances the Log Retrieval API to return a Virtual Analyzer report when the risk level detected by Virtual Analyzer is high, medium, or low.
Official release of MIP-encrypted file protection
Cloud App Security officially supports provisioning the Microsoft Information Protection service account and configuring related policy settings to protect MIP-encrypted files in the SharePoint Online, OneDrive, and Microsoft Teams services.

New Features Available on February 27, 2022

Feature
Description
Outbound protection for Exchange Online (preview)
Cloud App Security supports scanning and taking actions on Exchange Online email messages before the messages are delivered to external domains.
Currently, this feature is available only for the EU, Japan, Australia and New Zealand, Singapore, and US serving sites.
Risk Analytics widgets
Cloud App Security provides the Top 5 Risky Users and Top 5 Suspicious Users widgets and related violation data on Dashboard for administrators to identify potential risks.
Access token revalidation for the Gmail service account
Cloud App Security provides an option for the administrator to recreate an access token for a Gmail service account when the current access token becomes invalid.
Secondary action for Salesforce files
Cloud App Security allows administrators to configure a secondary action on a Salesforce file when a quarantine action for the file fails.
Global approved header fields for Gmail
Cloud App Security supports specifying an approved header field list for Gmail in global settings to skip scanning matched Gmail messages.
Official release of Time-of-Click Protection
Cloud App Security officially supports the Time-of-Click Protection feature to protect Exchange Online users against potential risks when users click URLs in incoming email messages.

New Features Available on January 16, 2022

Feature
Description
Quarantine Gmail messages (preview)
Cloud App Security supports the quarantine action for Gmail messages with dedicated quarantine mailboxes.
Support the "Apply sensitivity label" and "Remove sensitivity label" actions in Data Loss Prevention policies (preview)
Cloud App Security supports specifying the “Apply sensitivity label” and “Remove sensitivity label” actions in Data Loss Prevention policies for SharePoint Online, OneDrive, and Microsoft Teams after Office 365 admins complete Microsoft Information Protection (MIP) provisioning in Cloud App Security.
Skip scanning Gmail messages in the Spam folder
Admins can set Cloud App Security to skip scanning Gmail messages in the Spam folder of users.
Support the "Pass without logging" action for unscannable files in Exchange Online and Gmail messages in the Malware Scanning filter
Cloud App Security allows specifying the "Pass without logging" action for unscannable files in Exchange Online and Gmail messages in the Malware Scanning filter in ATP policies. This action does not record the Security Scan log in Cloud App Security.
Options of scan targets in DLP policies for Exchange Online and Gmail
Cloud App Security allows specifying the scan targets, including the email subject, body, and attachment, in DLP policies for Exchange Online and Gmail.
Support the File Blocking filter for Salesforce
Cloud App Security allows setting the File Blocking filter in ATP policies for Salesforce.

New Features Available on November 14, 2021

Feature
Description
Retrieve quarantine logs of Exchange Online and restore quarantined email messages through APIs
Cloud App Security allows getting quarantine logs of Exchange Online through the Log Retrieval API and restoring quarantined email messages through the Threat Mitigation API.
Migration from Delegate Account to Access Token Based Authentication for OneDrive and SharePoint Online (preview)
Cloud App Security helps users who are still using a Delegate Account migrate to use an access token for protection of their OneDrive and SharePoint Online services.
Support Suspicious Object lists for Gmail
Cloud App Security supports taking actions on Gmail messages based on the Suspicious Object lists, which include file SHA-1 values, file SHA-256 values, URLs, and email senders.
Time-of-Click Protection (preview)
Cloud App Security takes actions based on the risk level to protect Exchange Online users against potential risks when users click URLs in incoming email messages.

New Features Available on October 17, 2021

Feature
Description
Approved sender list for file blocking in the Exchange Online service
Cloud App Security allows configuring the approved sender list to exclude specific senders from file blocking scanning in ATP policy configuration for Exchange Online.
Original URL extraction from rewritten URLs for the blocked URL list
The blocked URL list specified through the Threat Remediation API supports extracting original URLs from rewritten URLs, so that the list can be used to block not only rewritten URLs but also the original URLs.
Option of enabling or disabling the blocked lists for Exchange Online
Cloud App Security allows admins to enable or disable the blocked lists, including blocked senders, URLs, SHA-1 values, and SHA-256 values specified through the Threat Remediation API, for Exchange Online.

New Features Available on August 29, 2021

Feature
Description
Dedicated actions for Salesforce files
Cloud App Security allows Salesforce admins to set actions separately for files in the Web Reputation and Data Loss Prevention security filters. In addition, Cloud App Security adds a new action "Tag file name" for file detections in all the supported security filters, which allows users to be aware of any risky file uploaded.
Blocked SHA-256 values list
Cloud App Security adds this list for Exchange Online to specify blocked SHA-256 hash values through the Threat Remediation API. Email messages with attachments that match any item in the list will be automatically quarantined by Cloud App Security.
Support for approved header fields with the same name but different values
Cloud App Security allows Exchange Online admins to add multiple approved header fields with the same name but different values in the Advanced Spam Protection and Web Reputation security filters and Global Settings.
SHA-256 values supported for suspicious objects
Cloud App Security can take actions on suspicious objects based on the specified SHA-256 hash value.

New Features Available on August 1, 2021

Feature
Description
Official release of protection for Microsoft Teams Chat
Cloud App Security officially supports protection for Microsoft Teams Chat by providing real-time Advanced Threat Protection and Data Loss Prevention for files and sensitive data sent in Chat messages.
Manual scan is not applicable for Teams Chat.

New Features Available on June 27, 2021

Feature
Description
One Trend Micro Account to manage multiple service provider tenants
Cloud App Security allows the admin to use one single Trend Micro Account (a CLP or LMP account) to secure your cloud services if you maintain multiple tenants assigned by a service provider, for example, Microsoft Microsoft Entra ID tenants or Salesforce orgs.
On the management console, a default organization will be automatically created for new and existing customers. You can use the default organization or create new organizations to provision services. This enables you to manage and visualize the security posture across all your tenants' services.
This feature is applicable to all the services that Cloud App Security currently supports, that is, Exchange Online, SharePoint Online, OneDrive, Microsoft Teams (Teams and Chat), Box, Dropbox, Google Workspace (Gmail and Google Drive), Salesforce, and Exchange Server.
Malware Scanning feedback collection enhancement
If the admin permits, Cloud App Security collects more suspicious file information in the Malware Scanning security filter to improve the detection capabilities of not only the Predictive Machine Learning engine (currently supported), but also the virus scan engine.

New Features Available on May 23, 2021

Feature
Description
Protection for Microsoft Teams Chat (Preview)
Besides Teams in Microsoft Teams, Cloud App Security further supports Chat in Microsoft Teams and provides real-time Advanced Threat Protection and Data Loss Prevention for files and sensitive data sent in Chat messages.
Manual scan is not applicable for Teams Chat.
Cloud App Security Splunk Add-On for detection log collection
Cloud App Security posts an add-on in Splunkbase for the customer to install in their Splunk Enterprise. Besides using the existing Log Retrieval API, the customer can leverage the add-on to automatically retrieve security event logs from Cloud App Security and show them on the Splunk dashboard.
Email attachment sanitizing For Exchange Online
Cloud App Security enhances its Malware Scanning function by letting the admin choose whether to set actions specifically for emails that contain active content such as macros in the attachments. Cloud App Security can take actions on the entire email or sanitize the attachment by removing active content upon detection.

New Features Available on April 11, 2021

Feature
Description
Global approved email header fields for Exchange Online
Besides the current approved header field list that applies only to a specific policy where the list is configured, Cloud App Security provides a global setting to let the administrator add approved email header fields for email messages to bypass scanning by all enabled ATP and DLP policies for Exchange Online.
Writing Style Analysis optimization for one more language
In addition to the already supported eight languages, Cloud App Security leverages the further optimized Writing Style DNA technology to protect email messages written in or containing the following language: Finnish.
Log report enhancements to the Top 10 by Scan Source section
Cloud App Security enriches the Top 10 by Scan Source section in log reports to add one column that displays the number of scanned items for each scan source, and add one row that shows the total number of detections and scanned items for all scan sources.

New Features Available on March 7, 2021

Feature
Description
Manual scan support for Microsoft Teams
Cloud App Security extends its protection of Microsoft Teams by allowing the administrator to run manual scans, besides real-time scans, in Advanced Threat Protection and Data Loss Prevention.
Display name spoofing detection
Cloud App Security enhances its Advanced Spam Protection filter to let the administrator choose whether to inspect the email messages from external senders with a look-alike display name as used in your organization, to protect employees against email impersonation attacks. Cloud App Security also provides a global exception list to let the administrator add trusted email senders and exclude them from display name spoofing analysis.
URL Retro Scan & Auto Remediate in Web Reputation for Exchange Online and Gmail
Cloud App Security provides an option to rescan historical URLs in users' email metadata and perform continued remediation (automatically taking configured actions or restoring quarantined messages) using newer patterns updated by Web Reputation Services.
Users' email metadata may include undetected suspicious or dangerous URLs that have only recently been discovered. Examination of such metadata is an important part of forensic investigations to determine if your email service is affected by attacks.
One local admin account to manage multiple Cloud App Security tenants
Cloud App Security enables the administrator to associate a local admin account with multiple Cloud App Security tenants of your organization in the same serving site, so they can switch among and manage different tenants with one single account on the management console, instead of repeated logoff and logon using different admin accounts.

New Features Available on January 17, 2021

Feature
Description
Official release of protection for Salesforce
Cloud App Security officially provides advanced protection for Salesforce Sandbox and Salesforce Production. The customer can purchase a separate license to configure real-time ATP and DLP scanning to safeguard confidential data in all objects and protect against malicious URLs and files posted to Chatter, Community, Cases, and Attachments in their Salesforce environment.
Quarantine and Delete actions added to ATP and DLP policies for Salesforce
Cloud App Security adds Quarantine and Delete as two more actions, besides Pass which is currently supported, in ATP and DLP policies for Salesforce.
Support for Cases and Attachments in ATP policies for Salesforce
Cloud App Security improves its Advanced Threat Protection capability to protect two more Apps Cases and Attachments against malicious files and URLs in your Salesforce environment, in addition to the already supported Chatter and Community.
Integration with Trend Micro Phish Insight for free phishing simulation
Cloud App Security integrates with Trend Micro Phish Insight to test and enhance the security awareness of your employees against social engineering, including phishing. The integration allows the administrator to open the Phish Insight home page from the Cloud App Security management console.
Phish Insight gives you the ability to launch a real-life phishing campaign with customizable phishing email templates that ask recipients to click links, enter data or download an attachment, so as to let you test what could happen to your organization before the hackers try.
Threat Investigation API to support file SHA-256 hash value
Besides the SHA-1 hash value, Cloud App Security extends its Threat Investigation API to sweep email messages in protected mailboxes for those containing attachment files with a specified SHA-256 hash value.
Serving site selection enhancement
Cloud App Security recommends a serving site on the Initial Configuration screen for new customers based on the site you are using for Trend Micro Apex One as a Service or Trend Vision One.
Quarantine management enhancement for Exchange Online
Cloud App Security adds a function for Exchange Online to redirect the administrator to the Quarantine screen for operations of an individual email message right from the Logs screen.
Password-protected compressed file analysis for Exchange Online and Gmail
Cloud App Security enhances its Malware Scanning security filter to protect Exchange Online and Gmail mailboxes from potential threats embedded in password-protected compressed files attached in email. It tries to do password guessing for the files by leveraging the email content and scans them to determine whether any action is required if the extraction succeeds.

New Features Available on November 22, 2020

Feature
Description
India serving site launch
Besides the seven existing serving sites in the US, EU, UK, Japan, Australia and New Zealand, Canada, and Singapore, Cloud App Security opens a new one in India.
Multiple approved header fields in ATP policies for Exchange Online
Cloud App Security allows the administrator to add more than one approved header field in the Advanced Spam Protection and Web Reputation security filters. When an email message hits any of the configured fields, it will not be scanned for spam and suspicious URL detection.
Move to Junk Email Folder / Spam action added to Writing Style Analysis detection for email services
Cloud App Security adds Move to Junk Email Folder and Move to Spam as one more action in Writing Style Analysis for BEC in ATP policies for Exchange Online and for Gmail respectively.
Extra option to enable/disable dynamic URL scanning in Web Reputation
Cloud App Security provides an option in the Web Reputation security filter to let the administrator decide whether to use dynamic URL scanning (which now defaults to enabled in the back end). As a supplement to Web Reputation Services, dynamic URL scanning further analyzes URLs in real-time to detect phishing URLs in email messages and files in protected applications and services.
Log and email metadata retention extended to 180 days
Cloud App Security extends its log and email metadata retention from the current 90 days to 180 days. After this deployment, the administrator will be able to search security and audit logs of 30 more days every next month, and finally query logs of the previous 180 days in three months.

New Features Available on October 18, 2020

Feature
Description
Clickable Overall Threat Detections statistics on Dashboard
Cloud App Security enhances the Overall Threat Detections widget, which lets the administrator hover over and click on each threat detection type to drill down to detailed logs related to the type within the selected time period.
High profile users and file extensions to support import/export
Cloud App Security supports the import and export functions in the High Profile Users in Global Settings and in the file extensions setting in File Blocking of ATP policies.
Downloaded Log reports to support table of contents
Cloud App Security improves the log reports by creating a Table of Contents in the downloaded .pdf file for the administrator to easily locate the required information.
In this version, Table of Contents applies to reports from Save > Report only.
Spam related header information added in Security Risk Scan logs
Cloud App Security displays headers of spam email messages detected by the Advanced Spam Protection security filter as a new column (named Spam Related Headers) of Security Risk Scan logs. The information can be used for further threat investigation.
More policy change events added in Audit Logs
Cloud App Security adds operations performed on ATP and DLP policies in Audit Logs, including enabling or disabling a policy or a security filter in a policy, and changing a configuration in a security filter.
Language support for Spanish
In addition to English, Japanese, Italian, German, and European Portuguese, the Cloud App Security management console adds language support for Spanish.

New Features Available on August 23, 2020

Feature
Description
Token-based Authorized Account provision for SharePoint Online and OneDrive (official release)
Cloud App Security officially supports using OAuth 2.0 to provision a service account (Authorized Account) for SharePoint Online and OneDrive protection.
Singapore serving site launch
Besides the six existing serving sites in the U.S., EU, UK, Japan, Australia and New Zealand, and Canada, Cloud App Security opens a new one in Singapore.
Serving site selection
For the customers who log on to the Cloud App Security management console for the first time, Cloud App Security allows them to choose a serving site, instead of assigning one based on the location dictated by the customer’s CLP account.
Vendor fraud prevention by cousin domain detection
Cloud App Security provides a global setting to let the administrator add high-profile domains, for example, your partners’ domains or domains of famous brands, to leverage the improved Trend Micro Antispam Engine to detect cousin domains. A cousin domain looks deceptively similar to a legitimate target domain and is often used in phishing attacks to steal sensitive or confidential information from users.
Approved file list in Virtual Analyzer settings
Cloud App Security adds an approved file list in the Virtual Analyzer settings of ATP policies. This will enable the administrator to configure the files in your organization that can skip from being sent to Virtual Analyzer for further analysis.
In this release, this feature is available only for supported Office 365 services.
Threat Mitigation API enhancement to support Gmail
Cloud App Security extends the usage of its Threat Mitigation API to Gmail, which allows you to delete Gmail messages containing security risks through the API or the Vision One console.
Language support for European Portuguese
In addition to English, Japanese, Italian, and German, the Cloud App Security management console adds language support for European Portuguese.
Password-protected PDF file detection in Malware Scanning
Cloud App Security enhances its Malware Scanning function to not only detect password-protected files in the PDF format (this format was not supported before) for all protected cloud services, but also add one more action Tag subject to take on Exchange Online email messages upon detection of not-compressed password-protected files.
This enhancement is not available for Gmail.

New Features Available on July 12, 2020

Feature
Description
Protection for Salesforce (Preview)
Cloud App Security adds Salesforce into its protected application family, and provides real-time ATP and DLP scanning to safeguard confidential data in all objects and protect against malicious URLs and files posted to Chatter and Community in the customer' Salesforce Sandbox environment.
New pre-defined DLP policy for Box shared links control
Cloud App Security provides a pre-defined DLP policy for Box that lets the administrator to manage the creation of open shared links to files and folders in the customer's Box user accounts.
One more action in Virtual Analyzer for unrated samples in Exchange Online
Cloud App Security adds the Move to Junk Email folder action to the Virtual Analyzer security filter in ATP policies for Exchange Online. This provides the administrator with one more option to take on email messages if they contain samples unable to be analyzed by Virtual Analyzer.
Extension of Office 365 service accounts (with partial targets selected) to protect all targets
Cloud App Security provides an option for the service account for Exchange Online, SharePoint Online, and OneDrive to extend its protection from selected targets to all targets under the corresponding service. As such, the administrator does not need to deprovision the current service account and provision a new one.
Log Retrieval API to support the Microsoft Exchange service
Besides logs from its own service, Cloud App Security extends the Log Retrieval API to allow you to also get security event logs from ScanMail for Microsoft Exchange (if registered to Cloud App Security).

New Features Available on May 31, 2020

Feature
Description
Office 365 service account deprovision on the management console
Cloud App Security allows the administrator to deprovision the service accounts created for Exchange Online, SharePoint Online, and OneDrive by manually removing them on the Service Account page of the management console, so that they can provision new service accounts as needed with another Office 365 tenant or using another CLP account.
Graymail and scam detection for Exchange Online
Cloud App Security leverages the enhanced Trend Micro Antispam Engine to detect graymail and email messages containing advance-fee scams (for example, 419 schemes, lottery scams) received in Exchange Online, and allows the administrator to take separate actions on these two categories.
Access token revalidation for the Box service account
Cloud App Security provides an option for the administrator to recreate a new access token when the access token for the Box service account becomes invalid, to ensure the availability of the service account.
Language support for German
In addition to English, Japanese, and Italian, the Cloud App Security management console adds language support for German.

New Features Available on April 19, 2020

Feature
Description
Multiple authentication tokens for Automation and Integration APIs
Cloud App Security supports creation of more than one authentication token for external and Trend Micro platforms, products, and services to use the available Automation and Integration APIs based on customer needs.
If you have already created a token before this feature is deployed, you can still use it for all the supported external applications and Trend Micro product/service.
Log Retrieval API to support the Microsoft Teams service
Cloud App Security extends its Log Retrieval API to allow the administrator to get Microsoft Teams related security event logs to your SIEM or syslog platform for further threat detection and security analytics.
Launch of the Canada serving site
In addition to the EU, U.S., Japan, Australia and New Zealand, and UK sites, Cloud App Security opens a new serving site on April 28 to provide its advanced protection for new customers in Canada.
Language support for Italian
In addition to English and Japanese, the Cloud App Security management console adds language support for Italian.
Get Started wizard on Dashboard
Cloud App Security provides a Get Started wizard on Dashboard to get first-time administrators set up quickly to use the service.

New Features Available on March 15, 2020

Feature
Description
Migration to use Modern Authentication for Exchange Online protection
Cloud App Security supports migrating the customers currently with a Delegate Account away from basic authentication and to use modern authentication. This enables Cloud App Security to continue its protection for Exchange Online after Microsoft fully decommissions the basic authentication for EWS to access Exchange Online in 2020.
Central management of email messages quarantined on integrated ScanMail servers
Cloud App Security allows the Trend Micro ScanMail for Microsoft Exchange ("ScanMail") server administrator to manage quarantined email messages on the Cloud App Security management console after the ScanMail server (installed with 14.0 Patch 3) deployed within your organization is successfully integrated with Cloud App Security.
New provisioning approach for SharePoint Online and OneDrive (preview)
Cloud App Security uses OAuth authentication to provide one more approach to SharePoint Online and OneDrive provisioning (initial provision only), which does not require creation of an SharePoint Online Delegate Account.
Launch of the UK serving site
In addition to the EU, U.S., Japan, and Australia and New Zealand sites, Cloud App Security opens a new serving site to provide its advanced protection for new customers in the United Kingdom and Ireland.
Improvements to Approved Header Field
Cloud App Security improves the Approved Header Field feature, and adds it into both Advanced Spam Protection and Web Reputation of Advanced Threat Protection policies for Exchange Online.

New Features Available on January 19, 2020

Feature
Description
Branding support for Licensing Management Platform (LMP) customers
Cloud App Security accepts the customized banner image set by service providers and other partners via the Licensing Management Platform console to display on the Cloud App Security management console.