The Cybersecurity and Infrastructure Security Agency (CISA) has released a dashboard that helps review post-compromise activity in Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. The tool, dubbed Aviary, helps security teams visualize and analyze data generated using Sparrow, an open-source tool for detecting potentially compromised applications and accounts in Azure and Microsoft. Sparrow was created to help defenders hunt down threat activity after the SolarWinds supply-chain attack.
Source: https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-review-microsoft-365-post-compromise-activity/