Apr 12 2019 11:30 AM
Hi all,
Im still fairly new to MCAS and i couldn't find any answers in my search so apologies if this has been asked. I was wondering if MCAS can be used to detect/alert against REST API attempts from malicious IPs or unknown devices etc. This could be coming from MS Graph or wherever else that has an API that is exposed or if there is something else that already does that.
Thanks.
Apr 15 2019 11:34 AM
Apr 18 2019 08:00 AM - edited Apr 18 2019 08:01 AM
Hi @Tommytong ,
Yes. An example below of a Flow accessing some data in SharePoint: you can see ine agent string (Flow/Logic Apps) and the IP used to access the data using API connections.
In this case it's an Azure IP, but let's say it would be a script running on a PC, we ould detect this.
Apr 18 2019 08:06 AM