Webinar Registration

Office 365 Forensics and Business Email Compromises
On Demand
Duration: 60 Minutes

Recorded November 13, 2019

This webinar will discuss the types of evidence that should be collected in response to a business email compromise/ Office 365 email investigation, methods of email compromise (phishing, malware, brute force attacks, external compromise/credential stuffing), types of data at risk and commonly seen schemes.

•Evidence Collection and Analysis
•Review of the Office 365/ Azure Admin Centers
•Collecting evidence from Office 365 (logs, rule/forwarding/ Sharepoint/Onedrive data)
•Extracting mailboxes with the Office 365 eDiscovery tool
•Analyzing and interpreting the types of log data available in Office 365
•Steps to secure the Office 365 environment during an incident

Presented by:
Adam Hart, Associate Principal-Forensic Services, Charles River Associates

The views and opinions expressed in this presentation are those of the individual presenters and do not represent official policy, position, opinions, or views of NW3C.

NW3C does not share webinar attendees’ personally identifiable information with any third party without opt-in consent given during registration.


Affirmation of Eligibility
By checking this box, I attest that the subject of this training is related to my work and that I am employed:

(Limit 100 character max.)



NW3C Privacy Statement
Yes, I have read, understand, and agree with the NW3C privacy statement.

OPTIONAL: Check this if you agree that NW3C may share my Personally Identifiable Information.
I agree that NW3C may share my Personally Identifiable Information, including, but not limited to, my email address, with third-party vendors in connection with this NW3C product in accordance with NW3C’s privacy statement.