Receive an e-mail alert if an Office 365 Administrator repeatedly fails to provide correct credentials

Introduction

Users with Office 365 administrator roles are very much sensitive users, and besides protecting them with various features such as Conditional Access and MFA, it might be interesting to know if someone tries to brute force or guess their credentials.

In this post I will walk you through how you can setup a policy in Cloud App Security, that automatically sends you an e-mail, if someone fails to provide the correct credentials for users with any Office 365 administrator role assigned.

Sneak peek at the Cloud App Security portal displaying the alert created during this guide

Read more…