You are a security administrator for a large organization that uses multiple SaaS applications. You want to enhance the security posture of these applications using Microsoft Defender for Cloud Apps. Which action should you take first to enable advanced threat protection and security posture management for a custom SaaS application?