Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Demystifying BEC Threat Detection in Microsoft 365

  • Thu, Apr 17, 2025
  • 1:00PM - 2:00PM UTC
  • English
  • Lydia Graslie
  • Technical Presentation
Login to register
Webcast Hero

When it comes to threat detection on Business Email Compromise (BEC) in Microsoft 365, a new engineer can quickly become overwhelmed with questions like:

  • Which log sources contain the events I need?
  • Which events do I need to look for?
  • How do I make sure I'm getting all the events I need?
  • How do I create good detections with the events I'm getting?

This webcast familiarizes new threat detection engineers with critical log sources and provides guidance on creating production-ready detections.

Learning Objectives

  • Understand log events related to Business Email Compromise (BEC)
  • Familiarization with log sources in Entra ID and Microsoft 365
  • Understanding and enabling mailbox auditing events
  • Creating and tuning detections in KQL

Meet Your Speaker

Lydia Graslie
Lydia Graslie

Lydia Graslie

Detection Engineer

Lydia Graslie is a Threat Detection Engineer at a Fortune 500 specializing in SaaS security.

Read more about Lydia Graslie