thecomputerguy
Well-Known Member
- Reaction score
- 1,487
When a client gets compromised it's almost always the same story.
Link Clicked, Token Stolen, Logs with bad logins showing "previously satisfied", Rules configured, client is then notified by one of their clients they have been hacked.
Client notifies me.
I tried setting up an alert policy in security.microsoft.com to notify me when an Inbox-Rule is created but that option does not exist. The only option is to notify when a user creates a forward/redirect of mail.
This seems like such a trivial function I can't believe it isn't easier to configure.
My clients all use Business Standard/Business Premium
How can I be better notified when a client is compromised when FIDO keys & CA policies requiring intune registered compliant devices aren't an option?
@YeOldeStonecat @Sky-Knight
Link Clicked, Token Stolen, Logs with bad logins showing "previously satisfied", Rules configured, client is then notified by one of their clients they have been hacked.
Client notifies me.
I tried setting up an alert policy in security.microsoft.com to notify me when an Inbox-Rule is created but that option does not exist. The only option is to notify when a user creates a forward/redirect of mail.
This seems like such a trivial function I can't believe it isn't easier to configure.
My clients all use Business Standard/Business Premium
How can I be better notified when a client is compromised when FIDO keys & CA policies requiring intune registered compliant devices aren't an option?
@YeOldeStonecat @Sky-Knight
Last edited:
