Forum Discussion
Assessing Microsoft Defender for Office365 Effectiveness
I'm looking to gather three data points from Defender for Office365. I'm looking for true positives (emails that have been detected as malicious), false positives (emails detected as malicious but re...
Ben_Harris
Microsoft
MicrosoftHey dsmhood - I've been working on some queries you can run / customise, and started to document them here: MDO-Heros/MDO-Bootcamp2024 at main · EHLOBen/MDO-Heros · GitHub
The full query I'm testing starts at line 68, but if you follow along it may help you put some of it all together the way you want it. - there are other queries stored here too, please let me know if you find any of them useful!