Facing intense pressure after Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers.
July 19, 2023 By Ryan Naraine
Facing intense pressure to free up access to cloud security logs, Microsoft on Wednesday said it would expand logging defaults for lower-tier M365 customers and increase the duration of retention for threat-hunting data.
The move is a direct response to widespread criticism of Microsoft’s M365 licensing structure that essentially charges extra for customers to access forensics data during active malware investigations.
The issue came to a head this week when Microsoft confirmed that Chinese hackers were caught forging authentication tokens using a stolen Azure AD enterprise signing key to break into M365 email inboxes.