Skip to content

Baseline ruleset of Office 365 Protection Alert’s

Last updated on 2021-01-21

Here is a collection of a good practice ruleset of Office 365 Protection Alert’s.

A while ago I published an article about Office 365 minimum security baseline, based on some feedback and questions, I decided to create a good practice ruleset of Office 365 Protection Alert’s.

Please review all the settings carefully before your run the script!

There is also a good practice ruleset of Office 365 Activity Alert’s.

You must have a connection to the Security and Compliance Center!

Protection Alert sample: Inbound Phishing
Protection Alert sample: Inbound Phishing

Tip:
Create a Shared Mailbox or Microsoft Office 365 Unified Group that gets the alert and notification mails. Or use the Mail address of a Microsoft Teams Channel and push it directly into a Teams Channel!

Update:
Screenshot was wrong

Published inPowerShell

Be First to Comment

    Leave a comment

    By posting a comment you consent that I store the submitted information as well as your anonymized IP address on my servers, under the terms of my Privacy Policy. Your email is never shared with anyone else.

    Required fields are marked *.