Forum Discussion

Deepanshu_Marwah's avatar
Deepanshu_Marwah
Brass Contributor
Aug 02, 2021

Query on MCAS Unsanctioned application | Microsoft Live(IT services)

Recently I received a security Incident on my Microsoft Cloud Application Security(MCAS) portal Data exfiltration to an app that is not sanctioned When I drilled down, I found Microsoft Live application 

 

 

 

Can anyone help me understand what is this application and why its showing data exfiltration incident?

 

Also posted this query on https://stackoverflow.com/questions/68556398/query-on-mcas-unsanctioned-application-microsoft-liveit-services

1 Reply

  • Ben123Digitally's avatar
    Ben123Digitally
    Copper Contributor
    If I am not mistaken live is the Microsoft email portal, outlook.live.com. Someone could have signed in with their corporate credentials and uploaded information. Do you have webmail enabled?