With the BlueApp for Office 365, you can monitor all of your Microsoft Office 365 cloud applications, track user activity, and receive alerts in USM Anywhere for suspicious and malicious activity in your environment. This integration gives you the ability to collect additional information about your environment and what your users are doing, which drives investigation and incident response processes.
The BlueApp for Office 365 supports the following features:
- Out-of-the-box correlation rules for Office 365 events, enabling USM Anywhere to automatically create alarms (notifications of an event or sequence of events that require attention or investigation) to notify you about suspicious activity in your environment.
- Predefined dashboards that give an overview of Microsoft OneDrive, Microsoft SharePoint, and Microsoft Azure Active Directory (AD) activity and provide quick visibility into Office 365 events to streamline your investigation and incident response processes. Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks.
- Direct access to the Microsoft Office 365 Management Activity API, giving you comprehensive visibility, a richer data set, and greater control over your cloud security, with information about your user, administration, system, and policy actions and events from Office 365 and Azure AD activity logs.
Note: If you're a Microsoft Windows user and want to include Office 365 logs in your USM Anywhere environment but don’t yet use Azure, you’ll need to sign up for an Azure subscription. The subscription is required to connect to the APIs that access your Office 365 environment.
You do not need to deploy the USM Anywhere Azure Sensor to use the BlueApp for Office 365. You can use any deployed sensor for the BlueApp connection.
Warning: If the BlueApp fails and you receive a message informing you that it has not been loaded, please contact LevelBlue Technical Support to solve the problem.
This topic discusses these subtopics: