Microsoft Defender for Office 365: Expansion for URL Click Alert policy

We are expanding coverage of the malicious URL click alert. The alert will now include any clicks in the past 48 hours (for emails) from the time the malicious URL verdict is identified.
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwide#default-alert-policies

(more…)

Microsoft Defender for Office 365: Configurable impersonation protection sender and domain lists and scoping in Preset Security policy

We’re adding capabilities within preset security policies (Strict and Standard) to configure custom users and custom domains for impersonation protection. Additionally, within the preset security policy, you will also be able to apply the policy to all recipients instead of selected users, groups, and domains. You will still be able to exclude selected recipients.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/configurable-impersonation-protection-and-scope-for-preset/ba-p/3294459

(more…)

Microsoft Defender for Office 365: Actions from the email entity page

We are adding the ability to take actions from the email entity page. You can take email purge actions, create submissions, tenant level block actions (block sender/domain/file/URLs), investigative actions from email entity page.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-worldwide

(more…)

Microsoft 365 Defender: Enterprise IoT Support (VoIP devices, printers, cameras, smart TVs, digital assistants, etc.)

Microsoft Defender for IoT will be adding capabilities to discover and perform security monitoring for enterprise IoT devices (e.g., VoIP devices, printers, cameras, smart TVs, digital assistants, etc.). Additionally, Microsoft Defender for IoT will be updated to be part of the Microsoft SIEM and XDR offering enabling Defenders to easily secure IoT devices using the tools they already know.

(more…)

Microsoft Defender for Office 365: Priority Account Protection for Government clouds

We’re extending Priority Account Protection to cover customers in government clouds. With Priority Account Protection in Defender for Office 365, security teams can now prioritize focus on critical individuals within the organization, offer them differentiated protection and thwart costly breaches in the process. These Priority account tags and filters will surface throughout the product, including in alerts, Threat Explorer, Campaign Views, and reports.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/announcing-priority-account-protection-in-microsoft-defender-for/ba-p/1696385

(more…)

Microsoft Defender for Office 365: ZAP (zero-hour auto purge) alert enhancements

We are enhancing the successful ZAP (zero-hour auto purge) alert and introducing a new ZAP failure alert.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide

(more…)

Microsoft Defender for Office 365: Mail latency report

We are making some enhancements to the existing Mail latency report in Defender for Office 365. The chart and filter options will be updated for more clarity.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/view-reports-for-mdo?view=o365-worldwide#mail-latency-report

(more…)

Microsoft Defender for Office 365: Anti-malware policy notifications

The anti-malware policy can be configured with recipient and sender notifications when a message is quarantined. We are redesigning this notifications option and delivery.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-anti-malware-policies?view=o365-worldwide#use-the-microsoft-365-defender-portal-to-create-anti-malware-policies

(more…)

Microsoft Defender for Office 365: Alert policies

we are enhancing the existing Microsoft Defender for Office 365 alert policy (A potentially malicious URL click was detected).
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwide#default-alert-policies

(more…)

Microsoft Defender for Office 365: End User Quarantine Notification for High confidence phish mail

We will begin supporting high confidence phish mails in user quarantine notification. Previously, High confidence phished mails were only supported in the quarantine portal for users. with this new capability, we will also trigger quarantine notification for high confidence phish items as well.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/simplifying-the-quarantine-experience/ba-p/2676388

(more…)


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.