- Revoke Sessions: Kill all active tokens in Entra ID. Now.
- Purge MFA Methods: Delete anything that doesn't belong to the user and force re-registration.
- Audit Enterprise Apps: Check user consent for recently added, unknown OAuth apps.
- Filter Sign-in Logs: Analyze the last 30 days for suspicious IPs and "Interrupted" status.
- Kill Inbox Rules: Use PowerShell to hunt for hidden forwarding rules in Exchange.
Var denne artikel nyttig?
Fantastisk!
Tak for din feedback
Beklager, at vi ikke var nyttige
Tak for din feedback
Feedback sendt
Vi sætter pris på din indsats og vil forsøge at rette artiklen