home.social

#ediscovery — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #ediscovery, aggregated by home.social.

  1. Ein KPMG-Whitepaper zeigt, wie Deepfakes, synthetische Identitäten und gefälschte Dokumente klassische Ermittlungsmethoden herausfordern, und wie Forensiker dieselbe Technologie zur Aufklärung einsetzen. Gleichzeitig ermöglicht generative KI in der eDiscovery die Analyse von Millionen Dokumenten in kurzer Zeit, durch semantische Suche, automatische Klassifizierung und forensisches Prompt Engineering. #ITForensik #KI #Cybersecurity #Deepfake #eDiscovery

  2. Ein KPMG-Whitepaper zeigt, wie Deepfakes, synthetische Identitäten und gefälschte Dokumente klassische Ermittlungsmethoden herausfordern, und wie Forensiker dieselbe Technologie zur Aufklärung einsetzen. Gleichzeitig ermöglicht generative KI in der eDiscovery die Analyse von Millionen Dokumenten in kurzer Zeit, durch semantische Suche, automatische Klassifizierung und forensisches Prompt Engineering. #ITForensik #KI #Cybersecurity #Deepfake #eDiscovery

  3. Ein KPMG-Whitepaper zeigt, wie Deepfakes, synthetische Identitäten und gefälschte Dokumente klassische Ermittlungsmethoden herausfordern, und wie Forensiker dieselbe Technologie zur Aufklärung einsetzen. Gleichzeitig ermöglicht generative KI in der eDiscovery die Analyse von Millionen Dokumenten in kurzer Zeit, durch semantische Suche, automatische Klassifizierung und forensisches Prompt Engineering. #ITForensik #KI #Cybersecurity #Deepfake #eDiscovery

  4. Copilot Memories in eDiscovery

    I was unable to locate saved memories in Copilot because I was looking for the wrong thing.

    #M365 #Copilot #eDiscovery #Work365

    newsletter.mikemcbride365.com/

  5. Revisiting M365 eDiscovery Without Premium Features

    I was curious about what that old e3 licensing experience was like in 2026, so I took a look.

    #eDiscovery #M365 #MicrosoftPurview
    newsletter.mikemcbride365.com/

  6. Umfassender Leitfaden zur selbstgehosteten, GoBD-konformen E-Mail-Archivierung mit Docker. Installation, Anbindung von IMAP, Microsoft 365 und Google Workspace sowie revisionssicherer Betrieb und #eDiscovery

    https://admindocs.de/de/devops/open-archiver-ein-umfassender-leitfaden-fuer-installation

    #openarchiver #docker #devops #linuxadmin #linuxtutorial #systemadmin #ubuntu

  7. Umfassender Leitfaden zur selbstgehosteten, GoBD-konformen E-Mail-Archivierung mit Docker. Installation, Anbindung von IMAP, Microsoft 365 und Google Workspace sowie revisionssicherer Betrieb und #eDiscovery

    https://admindocs.de/de/devops/open-archiver-ein-umfassender-leitfaden-fuer-installation

    #openarchiver #docker #devops #linuxadmin #linuxtutorial #systemadmin #ubuntu

  8. Umfassender Leitfaden zur selbstgehosteten, GoBD-konformen E-Mail-Archivierung mit Docker. Installation, Anbindung von IMAP, Microsoft 365 und Google Workspace sowie revisionssicherer Betrieb und #eDiscovery

    https://admindocs.de/de/devops/open-archiver-ein-umfassender-leitfaden-fuer-installation

    #openarchiver #docker #devops #linuxadmin #linuxtutorial #systemadmin #ubuntu

  9. What is the Future of eDiscovery in M365?

    No testing this week, just my personal thoughts on the future, and maybe some discussion

    #M365 #eDiscovery #Purview

    newsletter.mikemcbride365.com/

  10. What is the Future of eDiscovery in M365?

    No testing this week, just my personal thoughts on the future, and maybe some discussion

    #M365 #eDiscovery #Purview

    newsletter.mikemcbride365.com/

  11. What is the Future of eDiscovery in M365?

    No testing this week, just my personal thoughts on the future, and maybe some discussion

    #M365 #eDiscovery #Purview

    newsletter.mikemcbride365.com/

  12. What is the Future of eDiscovery in M365?

    No testing this week, just my personal thoughts on the future, and maybe some discussion

    #M365 #eDiscovery #Purview

    newsletter.mikemcbride365.com/

  13. What is the Future of eDiscovery in M365?

    No testing this week, just my personal thoughts on the future, and maybe some discussion

    #M365 #eDiscovery #Purview

    newsletter.mikemcbride365.com/

  14. More on Reactions

    At the risk of seeming obsessed, I discovered more reaction weirdness in Teams and Outlook

    #M365 #eDiscovery #Teams #Outlook

    newsletter.mikemcbride365.com/

  15. EXIF Data and Teams

    A short bonus edition instead of a week off to briefly talk about a new Message Center item

    #M365 #Teams #Microsoft #eDiscovery
    newsletter.mikemcbride365.com/

  16. 🚨 Incident Response
    ===================

    Executive summary: This guide provides a 10-step investigation workflow for Business Email Compromise (BEC) incidents within Office 365 environments. It is designed to help incident response teams identify, collect and analyse mailbox- and tenant-level artifacts relevant to impersonation, forwarding abuse and account takeover.

    Technical details:
    • The guide emphasises review of mailbox audit logs, message trace, mail-flow rules (transport rules) and eDiscovery exports as primary evidence sources.
    • Key artefacts highlighted include unusual SendAs/SendOnBehalf events, newly created inbox rules that forward or delete messages, anomalous OAuth app consent events, and unexpected mailbox folder movements.
    • Tenant-level indicators include changes to mail-flow configuration, additions to send connectors, and modifications to conditional access or MFA settings.

    Analysis and detection guidance:
    • The workflow recommends correlating mailbox audit events with message trace entries and Azure AD sign-in logs to link message delivery anomalies to authentication or session anomalies.
    • Detection focus areas are: new inbox rules that create forwarding to external addresses, SendAs spikes originating from unusual IPs, and simultaneous role/permission changes across accounts.

    Conceptual implementation (no commands):
    • Collect mailbox and tenant audit data for the suspected timeframe, prioritise mailboxes involved in financial workflows, and preserve eDiscovery exports for chain-of-custody.
    • Use correlation across Exchange Online, Azure AD sign-ins and conditional access changes to establish timeline and scope.

    Best practices and limitations:
    • Best practices include capturing comprehensive audit logs early, documenting access and evidence handling, and validating mail-flow rule histories.
    • Limitations include possible log retention gaps depending on tenant configuration and the need for eDiscovery access to export mailbox content.

    Practical use cases:
    • The guide supports investigations of CFO impersonation scams, vendor invoice fraud, and mass forwarding events used to exfiltrate emails.

    References:
    • Contact for incident support: [email protected]

    🔹 BEC #incident_response #office365 #exchange_online #eDiscovery

    🔗 Source: github.com/PwC-IR/Business-Ema

  17. Agents and Bots in Teams, Oh My!

    As new features roll out, things are taking shape in eDiscovery terms, kind of.

    #M365 #Copilot #eDiscovery #Teams

    newsletter.mikemcbride365.com/

  18. Was there any impact on eDiscovery from Ignite 25?

    There were a lot of announcements. How much do eDiscovery professionals need to worry about?

    #M365 #Copilot #eDiscovery

    newsletter.mikemcbride365.com/

  19. Have you tried the Facilitator agent in a meeting yet?
    I tried it. I liked it. I had eDiscovery questions about it.
    #M365 #Copilot #eDiscovery
    newsletter.mikemcbride365.com/

  20. Join Andy Jacobs and Josh Hickman of Cellebrite Enterprise Solutions as they guide you through the vast galaxy of modern enterprise data collection and analysis across the EDRM lifecycle. forensicfocus.com/webinars/a-n #Cellebrite #DigitalForensics #eDiscovery #DFIR

  21. Using Anthropic Claude in Copilot -

    Things to Consider Thanks to Tony Redmond for noticing that you can switch to it, but you lose Enterprise Data Protection from Microsoft.

    #AI #Copilot #eDiscovery #Privacy #Microsoft #M365

    newsletter.mikemcbride365.com/

  22. MC1134737 as an example of eDiscovery Challenges

    The changes to private channels are an improvement for end-users. What will it bring for eDiscovery?

    #M365 #eDiscovery #MicrosoftTeams
    newsletter.mikemcbride365.com/

  23. Taking a Look at Holds in the New Purview eDiscovery

    Not much has changed, but there are some hints at more that may be coming.

    #M365 #Purview #eDiscovery

    newsletter.mikemcbride365.com/