Data Loss Prevention and Microsoft API SIEM Integration

["Pardonek, Jim" <jpardonek () LUC EDU>]

We are working through some issues with our deployment of Microsoft DLP and the ability to get actionable reports from 
their Security and Compliance center.  On a recent call with Microsoft, one of the engineers suggested that we look 
into the Office 365 Management Activity API and integrate it with our Logrhythm SIEM.  Looking for information if 
anyone uses this API for DLP and what sort of actionable alerts they might be seeing out of it.

Thanks in advance.

Jim

James Pardonek, MS, CISSP, CEH, GSNA
Associate Director
Chief Information Security Officer
Loyola University Chicago
1032 W. Sheridan Road | Chicago, IL  60660

*: (773) 508-6086

Loyola University Chicago will never ask you for your username or password.
For the latest information security news at Loyola, please follow us online,
Twitter: @LUCUISO
Facebook: https://www.facebook.com/lucuiso/
Our Blog http://blogs.luc.edu/uiso/


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community