Skip to content

Send security notifications to your users when something important happened on their accounts (such as new MFA methods, atypical travels, TAP usage...).

License

Notifications You must be signed in to change notification settings

piaudonn/SecurityNotifications

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

👀 Security End-user Notification (SEEN)

❓ What is SEEN?

SEEN allows you to send automatic email notifications to end-users when specific security events are detected on their Azure AD accounts. Events such as:

  • a Multi Factor Authentication method was added, updated or removed
  • a Temporary Access Pass (TAP) was created or used
  • an Atypical travel was detected by Azure AD Identity Protection

SEEN let you customize the emails sent to inform the users of these events and encourage them to reach out to your security team or support.

SEEN is leveraging a combination of Logic Apps to automate the detection of the security events and the notification to end users with many customizable options. SEEN read the Azure AD sign-in logs and audit logs from a Log Analytics workspace (SigninLogs and AuditLogs tables).

⚙️ Deployment

The full solution is available for deployment in the Deployment section and additional documentation can be found in Docs.

If you have any questions about this project or would like to provide suggestions to the SEEN project maintainers please open an issue.

About

Send security notifications to your users when something important happened on their accounts (such as new MFA methods, atypical travels, TAP usage...).

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published