Applies To: ThreatSync+ SaaS
The ThreatSync+ SaaS integration with Microsoft 365 monitors user activity, unusual logins, and suspicious file sharing activity. ThreatSync+ SaaS generates policy alerts to notify you about possible threats to your organization.
Default Policies
When you first set up ThreatSync+ SaaS with a Microsoft 365 integration, seven of nine Level 1 policies are enabled by default. For more information, go to Level 1 Policies for ThreatSync+ SaaS — Microsoft 365.
Policy Tuning
Policy tuning helps you to reduce the number of alerts for activity that does not violate your organizational policies. This means you have a smaller number of alerts to review and the alerts reflect real concerns that require action. For more information, go to Policy Tuning.