Petra Security
petrasecurity.bsky.social
Detect and respond to M365 account compromises in real time. Stop BEC and Token Theft in their tracks. https://www.petrasecurity.com/
6/6: Seen any weird API behavior yourself? Drop your Qs below 👇 We're diving into Exchange/SharePoint/Teams logs next and would love to know what you're curious about!
December 10, 2024 at 9:32 PM
5/6: Want to sleuth through the data yourself? Check out our deep dive into Microsoft's API latency patterns here:

petrasecurity.substack.com/p/o365-mgmt-...
Spelunking in the Microsoft API, Part I: Entra ID Latency
One of the most important and least understood factors for building ML systems using Entra ID Login Events
December 10, 2024 at 9:32 PM
4/6: The biggest surprise? Failed login attempts from suspicious IPs consistently show up later than other events. We found distinct delay patterns tied to potential brute force attacks.
December 10, 2024 at 9:32 PM
3/6: While 90% of events show up within 6.5 mins, the tail end is wild: 0.5% of events take 4+ HOURS to appear, and some took nearly a week!
December 10, 2024 at 9:32 PM
2/6: Most security teams assume Microsoft events appear in minutes. But our analysis of 72 hours of data across 2,300+ users revealed a shocking pattern in the API's worst-case performance...
December 10, 2024 at 9:32 PM