Add location to O365 User Failed MFA Event Notification
The current description for this Event Notification is 'A user successful logged in but failed an MFA attempt.' This notification shows the triggered values but we have to go into perchybana to see all the details. If its possible to include the LOCATION of the successful sign in right in the alert, that would make it even more useful.
MITRE ATT&CK Dashboard
I'd like to see a MITRE ATT&CK framework dashboard that shows which alerts reside under which category.
Post breach collection
Create reports, alerts and visualisations for new clients that have been breached. Microsoft 365, Sophos, Ironscales, MDATP, Meraki, UniFi
Mass action edit - Event Notifications
Ability to select multiple notifications and change values like send to Teams.
Global or Org based settings change.
Ability to make a local or global change to items in the marketplace. ie O365 Alert: User Failed MFA - I should be able to make changes across the board or specific to an individual org.