Managed ITDR (MDR for Microsoft 365)

Add an alert trigger for login attempts where a user enters the correct password but fails multi-factor authentication (MFA). This would help identify potential account compromise attempts where an attacker has obtained valid credentials but cannot complete the MFA step.

I believe that a 30-day window for scanning unsecured credentials is too long. It would be beneficial to have the option to increase the frequency of these scans, perhaps to every 14 days, to ensure that any potential security issues are addressed more promptly.