What Changed
Reverts PR #13191 changes to anomalous single factor sign-in detection rule due to reported issues in GitHub issue #13249. Restores original filtering logic from ResultType != 0 back to ResultType == 0.
Detection Logic
Reverts the detection to only analyze successful sign-ins (ResultType == 0) rather than failed sign-ins (ResultType != 0). Original logic correctly focuses on successful single-factor authentications from unusual locations or ASNs as potential security threats.
Affected Files
Detections/SigninLogs/AnomalousSingleFactorSignin.yaml