Jan 06 2020 03:56 AM
Hey guys,
I just have a quick question, we receive several mails from o365 about a user triggering the unusual volume of file deletion, however we don't see any warning in cloudapp security. Even tough we linked the app connector, and we actually see in the activity log the file deletions. So why is cloudapp not giving any error on this, or i still need to do anything else?
thanks already.
greetings
Jan 12 2020 10:07 AM
I dont have an answer but didn't even know this feature was available.
Keen to see if can be done
Jan 13 2020 01:24 AM
@Wesley Baeyens the detections in O365 and Cloud App Security are not the same and do not have the same logic.
The one in MCAS will take into account more criterias, like the location that was used by the user to perform the downloads.
Best regards
Jun 23 2020 01:12 AM
We have the same situation. Is there any documentation about the logic of the mentioned alerts? Do you have any guidance for the coexistence of S&C alert policies and MCAS anomaly detections? Should we disable the S&C Alerts because the MCAS policies are more accurate?
Thanks for your help!