Forum Discussion
adiii
Jan 10, 2024 - Brass Contributor
What is "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" in Cloud Apps
Hi all! I have a Cloud Apps "Cloud Discovery anomaly detection policy" active, which alerts on data exfiltration to an app that is not sanctioned. This helps me understand when a user tries to...
BarryGoblon
Feb 15, 2024 - Iron Contributor
adiii Adii, the “Infra Endpoints” app covers networking architecture that enables large OneDrive/SharePoint transfers behind the scenes. So big uploads can trigger alerts there instead of the SharePoint/OneDrive apps, diminishing visibility for incident response.
I agree having distinct front-end and back-end apps fragments visibility in a way that hinders monitoring. Please provide that feedback to Microsoft. In the meantime, engage me when Infra Endpoint alerts occur and I can help investigate details through other audit logs. But consolidating apps would help address this responder blind spot.
adiii
Feb 19, 2024 - Brass Contributor
Hi BarryGoblon - Thanks for the response. Do you know the best way / contact to send that to Microsoft?