Event Data Extraction: Relevant events from Microsoft Exchange are extracted automatically, reducing the need for manual data gathering. This ensures that only pertinent information is processed, minimizing the risk of oversight and accelerating the response time.
Incident Ticket Generation: Incident tickets are created in Microsoft Teams based on extracted events. This replaces manual ticket creation, ensuring consistent documentation and prompt alerting of responsible teams, which enhances response efficiency and reduces delays.
Event Filtering and Analysis: Events are filtered and analyzed to identify potential threats. This automated process eliminates the manual review of logs, allowing for quicker identification of security issues and reducing the workload on security teams.
Microsoft Teams: In this use case, the Microsoft Graph - Teams integration lists channels and sends messages. It facilitates communication by posting incident alerts directly to the appropriate team channels, ensuring that the right team members are promptly informed of potential security threats.
Microsoft Graph Mail: This service retrieves messages and analyzes email events. It plays a critical role in identifying suspicious activities within email communications, enabling the automation to focus on relevant security events.
Office Management: The Office Management API is used to ingest and manage audit events from Microsoft Exchange. It provides the necessary data for analysis, allowing the automation to filter and process events efficiently and reducing the need for manual oversight.