diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 25e2640e89..1cfb6f03fa 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -135,6 +135,9 @@
 
 #### [Microsoft threat protection](windows-defender-atp/threat-protection-integration.md)
 #####  [Protect users, data, and devices with conditional access](windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md)
+##### [Overview of Microsoft Cloud App Security integration](windows-defender-atp/overview-mcas-integration.md)
+
+
 #### [Portal overview](windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md)
 
 
@@ -294,6 +297,12 @@
 ####### [Create and manage machine groups](windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md)
 ######## [Create and manage machine tags](windows-defender-atp/machine-tags-windows-defender-advanced-threat-protection.md)
 
+
+#### Configure Microsoft threat protection integration
+##### [Configure conditional access](windows-defender-atp/configure-conditional-access-windows-defender-advanced-threat-protection.md)
+##### [Enable Microsoft Cloud App Security integration](windows-defender-atp/enable-mcas-integration.md)
+
+
 #### [Configure Windows Defender Security Center settings](windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md)
 ##### General
 ###### [Update data retention settings](windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md)
diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md
index 65bfd234c5..21f22887f3 100644
--- a/windows/security/threat-protection/windows-defender-atp/TOC.md
+++ b/windows/security/threat-protection/windows-defender-atp/TOC.md
@@ -131,6 +131,8 @@
  
 ### [Microsoft threat protection](threat-protection-integration.md)
 ####  [Protect users, data, and devices with conditional access](conditional-access-windows-defender-advanced-threat-protection.md)
+#### [Overview of Microsoft Cloud App Security integration](overview-mcas-integration.md)
+ 
 ### [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)
 
 
@@ -241,9 +243,6 @@
 
 ### [Configure Secure score dashboard security controls](secure-score-dashboard-windows-defender-advanced-threat-protection.md) 
 
-### Configure Microsoft threat protection integration
-#### [Configure conditional access](configure-conditional-access-windows-defender-advanced-threat-protection.md)
-
 ### Management and API support
 #### [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md)
 ##### [Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)
@@ -292,6 +291,11 @@
 ####### [Create and manage machine tags](machine-tags-windows-defender-advanced-threat-protection.md)
 
 
+### Configure Microsoft threat protection integration
+#### [Configure conditional access](configure-conditional-access-windows-defender-advanced-threat-protection.md)
+#### [Enable Microsoft Cloud App Security integration](enable-mcas-integration.md)
+
+
 ### [Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md)
 #### General
 ##### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md)
diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
index 14fbc784a9..8280e76b47 100644
--- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md
@@ -1,7 +1,7 @@
 ---
 title: Configure advanced features in Windows Defender ATP
 description: Turn on advanced features such as block file in Windows Defender Advanced Threat Protection.
-keywords: advanced features, settings, block file
+keywords: advanced features, settings, block file, automated investigation, auto-resolve, skype, azure atp, office 365, azure information protection, intune
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -10,18 +10,14 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
-ms.date: 05/08/2018
+ms.date: 09/03/2018
 ---
 
 # Configure advanced features in Windows Defender ATP
 
 **Applies to:**
-
-
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
-
-
 >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
 
 Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Windows Defender ATP with.
diff --git a/windows/security/threat-protection/windows-defender-atp/enable-mcas-integration.md b/windows/security/threat-protection/windows-defender-atp/enable-mcas-integration.md
new file mode 100644
index 0000000000..a166f1ab64
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-atp/enable-mcas-integration.md
@@ -0,0 +1,42 @@
+---
+title: Enable Microsoft Cloud App Security integration
+description: Learn how to enable the Microsoft Cloud App Security integration with Windows Defender Advanced Threat Protection
+keywords: cloud app security, mcas, endpoint signals, cloud application, cloud services, signals, cloud usage
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+ms.date: 09/03/2018
+---
+
+# Enable Microsoft Cloud App Security integration
+**Applies to:**
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+[!include[Prerelease information](prerelease.md)]
+
+>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablemcas-abovefoldlink)
+
+1. In the navigation pane, select **Preferences setup** > **Advanced features**.
+
+2. Toggle the **Microsoft Cloud App Security** setting to **On**
+
+3. Click **Save preferences**.
+
+
+
+
+## View the report
+After approximately an hour, a new report named **Win10 Endpoint Users** will show up in the Cloud App Security cloud discovery dashboard.
+
+1. Click **Discover > Cloud Discovery dashboard**. 
+
+2. On the top right corner under Continuous Report, select **Win 10 endpoint users**.
+
+For more information about cloud discovery, see [Working with discovered apps](https://docs.microsoft.com/en-us/cloud-app-security/discovered-apps).
+
+If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-defender-atp/overview-mcas-integration.md b/windows/security/threat-protection/windows-defender-atp/overview-mcas-integration.md
new file mode 100644
index 0000000000..d28ca13ee3
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-atp/overview-mcas-integration.md
@@ -0,0 +1,32 @@
+---
+title: Overview of Microsoft Cloud App Security integration
+description: Understand how Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services
+keywords: cloud app security, mcas, endpoint signals, cloud application, cloud services, signals, cloud usage
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+ms.date: 09/03/2018
+---
+
+# Overview of Microsoft Cloud App Security integration 
+**Applies to:**
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+[!include[Prerelease information](prerelease.md)]
+
+
+>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-overviewmcas-abovefoldlink)
+
+Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that helps you keep control of assets through improved visibility over cloud apps that are being used across an organization. Cloud Discovery analyzes network traffic data to provide you with ongoing visibility into cloud use, Shadow IT, and the risk Shadow IT poses into your organization.
+
+Windows Defender ATP provides one-click integration with Cloud Discovery by forwarding network connection data gathered from onboarded machines and users. These signals are sent to Cloud App Security, giving administrators deeper visibility into cloud usage, including the use of unsanctioned cloud services.  
+
+By leveraging the Windows Defender ATP endpoint network sensor signals, this integration further enhances Cloud App Security visibility into  machine related activity and expanding coverage of off-network traffic. 
+
+## Related topic
+- [Enable Microsoft Cloud App Security integration](enable-mcas-integration.md)
diff --git a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
index 5f050596ee..a837dd1ab3 100644
--- a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
@@ -49,8 +49,8 @@ Windows Defender ATP integrates with Azure Security Center to provide a comprehe
 
 - Incidents queue <br>
 
-- Integration with Microsoft Cloud App Security<br>
-
+- [Integration with Microsoft Cloud App Security](overview-mcas-integration.md)<br>
+Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Windows Defender ATP monitored machines.