More description on sus inbox rule matching

syne0 / osprey

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

MIT License

6 stars 2 forks source link

Open syne0 opened 1 month ago

syne0 commented 1 month ago

Flags rules all willy-nilly, but having some sort of documentation either directly in osp or output or linked to on wiki would probably be helpful

syne0 commented 1 month ago

potentially tied to #36

syne0 commented 1 month ago

actually having a file output that explains why a specific flag would be notable per incident would be a cool idea