Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Office365 is a popular application productivity suite that enables organizations to accelerate communication and business processes. With Office365’s popularity, it has become a common attack vector for malicious actors and insider threats. As a result, Devo provides out-of-the-box detections to help organizations to understand possible attack vectors and ways to protect their office365 data.

 Phish Attempt

Adversaries may send victims emails containing malicious attachments or links, typically to execute malicious code on victim systems.

This detection is triggered when a user reports an email as malware or phishing in Office 365.

Source table ➝ cloud.office365.management.securitycompliancecenter

 365 Sus Mailbox Delegation

Adversaries may use the compromised account to send messages to other accounts in the network of the target organization while creating inbox rules.

Source table → cloud.office365.management.exchange

  • No labels