In order to improve our detection capacity, we are developing detection rules for new intakes such as Azure Active Directory. In this new set of rules, you can find rules that detect suspicious user actions such as unusual configuration, unusual connection locations or brute-force. You can also access alerts directly related to the Azure Active Directory CTI, such as malicious IP adresses or known attack patterns.  Other detection rules can be found on SEKOIA.IO XDR, in the [rules catalog page](https://app.sekoia.io/operations/rules-catalog). Those that have been updated recently appear at the top of the list.