Would like an alert when a user successfully signs into M365 but fails a Conditional Access policy. For example, user gets phished, MFA is bypassed but CA geo policy blocks the sign in. Currently Lighthouse does this via "risky user" alert if you have it configured, which can take days to receive the alert. Huntress does not alert on this attack vector at all. All of this data is available in Entra sign in logs, and licence agnostic. Can huntress create this alert?