About the Author
Siegfried is a Microsoft MVP for Office Apps and Services. He has great expertise in Office 365 implementations with a special focus on Security, Messaging and Identity for international customers.
You may withdraw your consent at any time. Please visit our Privacy Statement for additional information
In this Episode of the Practical 365 podcast, Steve and Paul deep dive into the Microsoft 365 Copilot exploit, "Echo Leak," discussing its implications for AI safeguards and the future of agentic AI. The conversation then shifts to a recent global outage affecting Google and Cloudflare, highlighting the challenges of maintaining hyperscale services. We also examine Microsoft's new initiative to offer containerized M365 instances in Europe, addressing concerns over data sovereignty. Finally, they discuss the latest advancements in Copilot agents, emphasizing the importance of understanding AI reasoning.
In this article, we guide you through the process of using the Graph Activity Log and Kusto Query Language (KQL) to hunt for common indicators of mailbox compromise, with useful tips along the way.
App management audit events are captured when changes are made to Entra registered and enterprise apps. Critical app management audit events should be closely monitored to ensure that permissions are used properly and attackers haven't attempted to penetrate the tenant to extract data. This article explains how to find and analyze audit data for some critical app management audit events and run the code as an Azure Automation runbook.