When Microsoft 365 security incidents occur, they are often attributed to “sophisticated attacks” or “advanced threat actors”. In reality, the majority of compromises exploit well-known, repeatable misconfigurations that have existed quietly for months or years. These issues persist not because they are difficult to fix, but because they sit in the gaps between responsibility, ownership,...