Defending Against Illicit Consent Grants

Problem Overview Office 365 Security has been tracking an emergent threat to customer data in the Office 365 cloud over the last year. This blog post is intended to help IT Administrators of Office 365 organizations detect, monitor, and remediate this threat. In its simplest form, the attack consists of an adversary creating an Azure…

0

Mitigating Client External Forwarding Rules with Secure Score

Client created rules, that Auto-Forward email from users mailboxes to an external email address, are becoming an increasingly common and fruitful data exfiltration method being used by bad actors today and something we see quite a lot of in the Office 365 Service. There are a lot of legitimate reasons for using rules that externally Auto-Forward email,…

2

Using Office 365 activity data to improve your Cybersecurity stance and capability

Overview and Contents As an Office 365 customer and tenant administrator, you have access to a wide variety of user activity events logged from your Exchange Online, SharePoint Online and Azure Active Directory services. Office 365 provides detailed activity logs that can be acquired and analyzed to facilitate self-service forensic investigations to scope and remediate a…

4