Microsoft Defender for Office 365: Streamlining the submissions experience in Microsoft Defender for Office 365

We are updating the submissions experience to allow you to submit emails, URLs, and email attachments from one easy to use location.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/streamlining-the-submissions-experience-in-microsoft-defender/ba-p/3152080

(more…)

Microsoft Defender for Office 365: Quarantine support for shared mailboxes

Users who have been granted delegate access to shared mailbox either through direct access or security group access will be able to triage the quarantine folder items of those mailboxes. This makes managing the quarantine for shared mailboxes easier for users.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/simplifying-the-quarantine-experience/ba-p/2676388

(more…)

Microsoft Defender for Office 365: Differentiated protection for Priority accounts

We are introducing differentiated protection for Priority accounts, which will provide users tagged as Priority accounts with a higher level of protection. As part of this release, we are introducing a Context filter within Threat Explorer and the Threat Protection Status report through which you can search for emails where Priority account protection is involved. In addition, the Threat Detection Details tab on the Email Entity page will be updated to show the threats, corresponding detection details, and whether these detections were identified as part of Priority account protection.

(more…)

Microsoft Defender for Office 365: Updates to URL Protection Report

We’re making some updates to the URL protection report to make the report easier to use and give admins more insight. The action view will be updated to include four new action types, including Admin allowed, Admin block, pending scan, and Admin blocked with clickthrough. We’re also consolidating the application view to classify all Office apps (Word, PowerPoint, Excel, OneNote, Visio) as Office rather than individual products.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/improving-the-reporting-experience-in-microsoft-defender-for/ba-p/2760898

(more…)

Microsoft Defender for Office 365: Updates to Threat Explorer and Real-time Detections

We are working towards updating the user experience for Threat Explorer and Real-time detections. As part of this update, we will introduce enhancements like All Email view by Default for Explorer, toggling between chart or grid view, single click data export and more. There is no change in functionality when it comes to core experiences like filtering, export, and this is an update to the user experience.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/threat-explorer?view=o365-worldwide

(more…)

Microsoft Defender for Office 365: Updates to the Mailflow Status Report

We’re introducing a new look for the mailflow status report, as we update existing reports to the latest and greatest. You can expect all of the same great information in an easier to use layout.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/improving-the-reporting-experience-in-microsoft-defender-for/ba-p/2760898

(more…)

Microsoft Defender for Office 365: Introducing Built-In-Protection

We’re are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365.

  • Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It’s low impact as the end user experience will not be changed – URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.

(more…)

Microsoft Defender for Office 365: Built-In Protection

We are introducing Built-In Protection for Microsoft Defender for Office 365 to automatically elevate all users within your organization to the base level of security protection. Built-In Protection will implement a low impact version of Safe Attachments and Safe Links, removing burden on admins to configure users with recommended security settings and policies. This new preset security policy will require no admin action and will be turned on by default for all new and existing customers. As a result, customers will be automatically protected from unintentional configuration gaps in their policies and experience overall improved protection against phish and malicious message delivery to end users.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/mastering-configuration-in-defender-for-office-365-part-three/ba-p/2906990

(more…)

Microsoft Defender for Office 365: Built-In Protection

We are introducing Built-In Protection for Microsoft Defender for Office 365 to automatically elevate all users within your organization to the base level of security protection. Built-In Protection will implement a low impact version of Safe Attachments and Safe Links, removing burden on admins to configure users with recommended security settings and policies. This new preset security policy will require no admin action and will be turned on by default for all new and existing customers. As a result, customers will be automatically protected from unintentional configuration gaps in their policies and experience overall improved protection against phish and malicious message delivery to end users.
More info: https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/mastering-configuration-in-defender-for-office-365-part-three/ba-p/2906990

(more…)

Microsoft Defender for Office 365: Exchange Online Protection- Customizable Authenticated Received Chain (ARC) configuration

Email senders use authentication mechanisms like SPF, DKIM, DMARC to authenticate emails, but some legitimate intermediate services may potentially make changes to the email, which might cause the email to fail authentication at subsequent hop. Authenticated Received Chain (ARC) is an authentication mechanism that helps preserve authentication results across intermediaries. With this change, admins will be able to add trusted intermediaries in the Microsoft 365 Defender portal to allow Microsoft to honor these ARC signatures, thereby allowing legitimate messages.
More info: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/use-dmarc-to-validate-email?view=o365-worldwide#how-microsoft-365-utilizes-authenticated-received-chain-arc

(more…)


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.