User Profile
MooreSecurity
Brass Contributor
Joined 8 years ago
User Widgets
Recent Discussions
File Policy Governance - Send policy-match digest to owner
Hello, I'm looking to mitigate and reduce the number of stale externally shared files in OneDrive and SharePoint. Has anyone use the 'Send policy-match digest to file owner' governance action? If so, what does that look like? I'm debating between starting with that, or going straight to removing external users. Thanks, JordanSecurity and compliance dashboard pointing me to Cloud App Security
So data loss prevention rules cannot be made in the security and compliance dashboard anymore? Whenever I go to manage advanced alerts, such as my existing DLP policies, my only option is to go to CAS.. I've been told CAS doesn't, and can't look into Exchange emails.. So where can I manage my existing DLP policies now?902Views0likes1CommentRe: Default Anti-phishing with Office 365 ATP for all users ?
Hey Robert, The only method i've come to know as far as receiving a notification for the anti-phishing policy is setting the policy to set the action to "Redirect message to other email address". Although it's been on for weeks, and I have yet to receive an "alert". Have emails been sent to your quarantine?9.6KViews0likes3CommentsCustom Cloud App Security Policies
Just wanted to start a conversation on what custom CAS policies you find most useful. There are plenty of activities to monitor, which ones have you considered worth while to monitor? To kick it off, we have MFA. Since there isn't a supported policy to monitor failed MFA results, aka, an adversary got the password right, but they're failing at the MFA screen, I made my own. Whether it's actually encompassing everything I want it to or not, is up for debate. Activity Type - Equals - Failed log on: DeviceAuth:reprocessTls + OrgIdWsFederation:federation + Login: reprocess What custom CAS rules have you guys made?CAS Utilization - Exchange Connector?
Is there a way to gain more control over the emails/files in Exchange through Cloud App Security? I have O365, OneDrive, and SharePoint added, and have policies and governance set up. But I can't really find a way through CAS to create policies looking into Exchange.. I am using the Security & Compliance Center for Exchange DLP and ATP, however, I thought CAS would be able to have some control and visibility into Exchange/Exchange Online.Security & Compliance Explorer Phishing Messages
Under Explorer, viewing emails identified as phishing under View > Phish.. there is a lack of columns and information regarding the emails compared to the description. To specify, the description of the view says that the information shown will contain the links in the email, the status of it was delivered or blocked and if the user has clicked on them. I'm not seeing any of this, just a list of emails from phishy senders.. Let me know if there is something I missed in the config for this..1.1KViews0likes2Comments
Recent Blog Articles
No content to show