• Using the Blumira API
• About Blumira findings
• Investigating “365 Alert Policy: Creation of forwarding/redirect rule” findings
• Investigating "Audit Policy Change via Auditpol" findings
• Investigating "Connection from Public IP Address" findings
• Investigating "Defender: Malware Threat" findings
• Investigating “Microsoft 365: Authentication Outside of U.S.” findings
• Investigating “Microsoft 365: Impossible Travel AAD Login” findings
• Investigating "Remote Access Tool" findings
• Using the Actor ID to verify activity in Azure Global Admin findings
• How to decode a decimal encoded command
• Loading sample findings as a new user in Free SIEM