The Security Posture Management add-on improves the risk posture of cloud email environments by helping security teams understand and take action on configuration gaps, while eliminating the need for manual efforts, spreadsheets, or PowerShell scripts that are typically needed to perform discovery and mitigation.
Security Posture Management uses the data within behavioral profiles built by three of the Abnormal Knowledge Bases - PeopleBase, AppBase, and TenantBase - to determine when a potentially harmful or unexpected configuration change has occurred. Armed with this knowledge, the platform monitors for high-risk configuration drifts, including privilege escalations, new third-party apps, and conditional access policy exceptions. Once these changes are identified, teams are notified and can action changes in a simple acknowledgement workflow.