August 26, 2021

Office 365 second line of defense

We all know Office 365 in its different flavors come with a bunch of native applications that will help to support IT security processes. These controls are the 1st line of defense.

I’m trying to list 2nd layer controls that will be helpful to determine if 1st line controls are properly implemented and managed. What could they be?

Any book or paper about that?




Most SIEMs have a connector to O365 so you can pull out audit logs & analyze them in another toolkit. Splunk is pretty good at this and has a pre-built dashboard for O365 that shows things like logged in users, user locations, failed logins, etc.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.