Recent malicious activity on a wide-scale impacted many GOVT & business concerns.  Homeland security has developed a free detection tool designed to look for unusual activities associated with recent attacks discovered this month.

CISA Releases Free Detection Tool for Azure/M365 Environment | CISA

CISA has created a free tool for detecting unusual and potentially malicious activity that threatens users and applications in an Azure/Microsoft O365 environment. The tool is intended for use by incident responders and is narrowly focused on activity that is endemic to the recent identity- and authentication-based attacks seen in multiple sectors.   CISA strongly encourages users and administrators to visit the following GitHub page for additional information and detection countermeasures.