def rule(event):
    if all(
        [
            event.deep_get("AuthenticationRequirement", default="") == "multiFactorAuthentication",
            "MFA Denied" in event.deep_get("Status", default=""),
        ]
    ):
        return True
    return False
