Read-only M365 security aggregation across Defender XDR, Entra ID Protection, Intune & Purview — 3 clients.
| ID | Title | Severity | Source | Status |
|---|---|---|---|---|
| INC-2848 | Privilege escalation attempt Fabrikam Inc · 1d ago | Medium | MDE | Active |
| INC-1193 | Anomalous Graph API activity Contoso Ltd · 2d ago | Informational | Defender XDR | Resolved |
| INC-9805 | Possible AiTM phishing Northwind Traders · 1d ago | Informational | Defender XDR | Resolved |
| INC-5002 | Possible AiTM phishing Contoso Ltd · 2d ago | High | MDE | Resolved |
| INC-1769 | Suspicious inbox forwarding rule Fabrikam Inc · 1d ago | High | Defender for Office 365 | Active |
| User | Risk | Reason |
|---|---|---|
Leo Phillips Northwind Traders | High | Leaked credentials |
Ava Clark Northwind Traders | High | Leaked credentials |
Ava Cooper Northwind Traders | High | Impossible travel |
Charlotte Wilson Northwind Traders | High | Malware-linked IP |
Henry Baker Contoso Ltd | High | Leaked credentials |
Aria King Contoso Ltd | Medium | Unfamiliar sign-in properties |
Jack Walker Contoso Ltd | High | Anonymous IP address |
Mia Adams Contoso Ltd | Medium | Anonymous IP address |
Max Green Fabrikam Inc | High | Anonymous IP address |
Harper Brown Fabrikam Inc | High | Password spray |
Read-only aggregation — remediate in the native portal. Run a Web Check →