Recorded
November 13, 2019
This webinar will discuss the types of evidence that should be collected
in response to a business email compromise/ Office 365 email investigation, methods of
email compromise (phishing, malware, brute force attacks, external compromise/credential
stuffing), types of data at risk and commonly seen
schemes.
•Evidence Collection and Analysis
•Review of the Office 365/ Azure Admin
Centers
•Collecting evidence from Office 365 (logs, rule/forwarding/
Sharepoint/Onedrive data)
•Extracting mailboxes with the Office 365
eDiscovery tool
•Analyzing and interpreting the types of log data available
in Office 365
•Steps to secure the Office 365 environment during an
incident
Presented by:
Adam Hart, Associate Principal-Forensic Services, Charles River
Associates
The views and opinions expressed in this presentation are those of the
individual presenters and do not represent official policy, position, opinions,
or views of NW3C.
NW3C does not share webinar attendees’ personally identifiable information
with any third party without opt-in consent given during
registration.