New detection rules for Office 365 🕵️ 📧

In order to improve our detection capacity, we are developing detection rules for new intakes such as Office 365. We have divided these rules into three main categories: * Detection of the deactivation of safety measures. Attackers would be interested in disabling options such as Office 365 anti-phishing rules or email attachment scanning rules, and then infect your information system. * Detection of a malicious file upload to Office file sharing services such as OneDrive or Sharepoint. These services can be used by attackers to lateralise into your networks. * Detection of suspicious user behaviour such as downloading large numbers of files or deleting large numbers of files. ![oc_rules_catalog_office_365.png](BASE/products/901462981/changelog/9651/inline-a283ec8ff35655c70d303bda75500fc8.jpg) Other detection rules can be found on SEKOIA.IO XDR, in the [rules catalog page]( Those that have been updated recently appear at the top of the list.