1. Intro
2. Roadmap
3. Introduction
4. Modern vs Legacy Authentication
5. Core Logs
6. Unified Audit Log
7. Mailbox Audit Log
8. Admin Audit Logs
9. Remain undetected
10. Find the rules!
11. Change banking information
12. Attacker logs in
13. Access other Mailboxes
14. Azure AD PowerShell
15. OAuth Abuse
16. Exchange Online message read auditing
17. Exchange Online Sessions
18. What did we learn?
Description:
Explore the evolving landscape of cloud security in this 49-minute conference talk focusing on Microsoft Office 365. Analyze two real-world attack case studies targeting Office 365, examining the tactics, techniques, and procedures (TTPs) of financially and information-motivated threat actors. Learn how to optimize Office 365 for investigations, understand available log sources and their limitations, and discover recommendations for enhancing Office 365 security. Gain insights from Douglas Bienstock, a Mandiant professional experienced in Incident Response and Red Team work, as he shares lessons learned from investigations to help organizations stay ahead of cyber threats.

BECs and Beyond - Investigating and Defending Office 365

0xdade