Security Operations for Microsoft 365
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: Microsoft 365
Browse 14 security tools
Automated SaaS threat response that blocks suspicious logins & compromised accounts.
Real-time threat detection & health monitoring for Windows/Exchange servers.
Decrypts S/MIME & OpenPGP emails from PST/OST/EDB for forensic analysis.
Managed MDR, EDR, email, and cloud security services for law firms.
Subscription-based MDR service covering endpoints, cloud email, and workspaces.
24/7 MDR SOC services leveraging Microsoft Sentinel and Defender platforms.
Microsoft 365 user activity monitoring and behavior analysis platform.
AI-powered SIEM for cloud security across Microsoft 365, Azure, AWS, and GCP.
Automated incident response platform for Microsoft 365 and identity systems.
GraphSpy is a browser-based post-exploitation tool for Azure Active Directory and Office 365 environments that enables token management, reconnaissance, and interaction with Microsoft 365 services.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.