Security News > 2024 > February > Microsoft expands free logging capabilities after May breach

Microsoft expands free logging capabilities after May breach
2024-02-21 22:31

Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023.

"Beginning this month, expanded logging will be available to all agencies using Microsoft Purview Audit regardless of license tier," a press release issued today reads.

"Microsoft will automatically enable the logs in customer accounts and increase the default log retention period from 90 days to 180 days. Also, this data will provide new telemetry to help more federal agencies meet logging requirements mandated by OMB Memorandum M-21-31.".

While the hackers mostly evaded detection, some affected U.S. federal agencies identified the malicious activity using enhanced logging.

These advanced logging capabilities were only available to customers with Microsoft's Purview Audit logging licenses, which led to Redmond facing criticism for hindering organizations from promptly detecting Storm-0558's attacks.

Following the incident disclosure and pressured by CISA, Microsoft agreed to broaden access to logging data for free to allow network defenders to spot similar breach attempts in the future.


News URL

https://www.bleepingcomputer.com/news/security/microsoft-expands-free-logging-capabilities-after-may-breach/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5128 264 7775
Free 9 0 3 1 3 7