Microsoft 365 is one of the most ubiquitous productivity platforms in the world. Unfortunately, M365’s popularity has been noted by threat actors and has therefore become an ideal target for intrusions, whether being used for initial access or actions on objective. A week does not go by where we don’t see another intrusion affecting M365, whether it is a business email compromise, MFA fatigue attacks, malicious OAuth apps, or other intrusions.

Soteria’s mission is to provide safe passage to our customers on their digital journey. To further this mission, we are excited to announce that our MDR offerings will now provide coverage for our customers’ M365 environments. 

Detecting Threats in M365

Our managed detection and response offering is built to help our customers identify credible threats within their environment, while sheltering them from the flood of false positives or contextless alerts associated with traditional MSSPs. To achieve this outcome for our customers, we adopted the following principles:

  • Our team of engineers write and maintain a library of custom detectors focused on the top of the Pyramid of Pain.  
  • Our Detectors as Code methodology allows us to rapidly prototype, deploy, and update our detection capabilities in a safe and scalable manner. 
  • All  detections are reviewed by a skilled team of incident responders before being escalated to a customer, ensuring that any alerts are worthy of your time and attention, rather than becoming background noise.
  • We build close relationships and partnerships with our customers, becoming an extension of their team rather than “yet another security vendor”. 

With our M365 integration, we apply these core tenants to M365 telemetry.  We stream logs from Microsoft into our platform and apply our growing library of detection capabilities to the telemetry, allowing for quick and precise detection of threats observed in the M365 ecosystem.  

This expansion to our MDR capabilities, combined with our security assessments and our ADInspect and 365Inspect tools, provide a powerful suite of capabilities to combat threats to Microsoft 365 environments.

We are committed to partnering with our customers to prevent security breaches from interfering with their business goals. To learn more about our team, our approach, and how we can partner with you so you can focus on your business, reach out to speak with our experts.