It's important to mention that this integration only stores network metadata; no confidential information is stored such as file attachments, or the body of the message. The Outlook 365 Data Collection OOTB Integration with Lumu is carried out through Microsoft's APIs, which allows Lumu to fully analyze the inboxes of the integrated account while respecting the organization's configured email policies and without impacting the fucntioning of the email service provider negatively.
The image below shows an example of the type of information stored by Lumu, which is presented directly in the customer's Lumu Portal:
As highlighted above, neither the contents of the message, nor any file attachments are stored; only the IoCs, email headers and the hashes of any file attachments.
1. Log in to your Lumu account through the Lumu Portal and navigate to the integrations screen.
2. Locate the Microsoft 365 Outlook integration in the available apps area and click Add to view details.
3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.
4. To activate the integration, click on the activate button and read the following instructions. After reading the instructions click again on the Activate button.
5. The Microsoft sign-in will look like the following
Remember to sign in with an Outlook 365 administrator account, this is because the administrator is the only one that can grant access to the whole organization6. When you have authenticated your account, you will see a window with the Permissions that you are going to grant access to.
7. When you finish the login process, click on Accept . The following window will allow you to give the integration a description. Then, you can select the scope to analyze mails.
8. The integration will show you how many emails have been analyzed and a dashboard with the emails analyzed per hour.
You will need to activate several integrations if you want to use different scopes.