Identifying and hardening significant accumulations of data-at-rest in SharePoint Online and OneDrive is one of the key tasks in preparing an organization's data estate before Copilot for Microsoft 365 rollouts and in general as well. Accomplishing this isn't clear-cut, however.

In this session you will learn (and see through demos) how to hunt for sensitive data accumulations for real in a clear, repeatable and effective way using tools like Content Search and Defender for Cloud Apps file policies. I will showcase and share KeyQL search queries, methods and best practices picked up during real-life work with numerous Copilot for Microsoft 365 adopters and other organizations improving their data security posture.

We will cover topics like:
- Why we need to discover accumulations in the first place?
- How to perform rapid high-level discovery with Content Search
- How to dig deeper and validate matches with Defender for Cloud Apps
- Putting your findings to work and improving security posture
- Tips & tricks for RBAC, governance and how to get additional insights from Data Security Posture Management capabilities

The session is useful for IT admins, data security responsibles and anyone looking to understanding how to discover and secure accumulations of sensitive data in SharePoint and OneDrive.