Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October.
Office 365 is part of the Microsoft 365 software bundle which also comes with two extra offers, namely Windows 10 and EMS (short for Enterprise Mobility + Security).
Quarantined phishing messages alerts
"With this, admins will be able to configure an alert to notify them when an end-user has a malware or phishing message quarantined," says Microsoft on the update's Microsoft 365 roadmap entry.
The Office 365 quarantine notifications and alerts enhancements also come with the modification of "the email template used for end-user-spam notifications" which will be adjusted to match with other Microsoft email templates.
"As part of the change, end-users will need to navigate to the Quarantine Portal within the Security and Compliance Center to take actions, such as release message," also adds Microsoft.
These changes will start rolling out to all Microsoft 365 users during early October, with the entire rollout process to be fully completed worldwide by the end of October 2019.
Enhanced quarantine and submission experience
Another series of changes to the Office 365 quarantine system and the submission experience of suspicious content is rolling out this month, changes that were first announced during early August.
"Submissions are critical in reporting suspicious content to Microsoft. They help improve the ML models to accurately detect malicious content," says Microsoft on the update's Microsoft 365 roadmap entry.
The improved suspicious content submission feature allows Microsoft 365 admins to submit suspicious files, URLs, and emails to Microsoft's security team for analysis.
Microsoft's feedback should be immediate, making it a lot faster to identify and remove any rules blocking legitimate content and allowing malicious content into tenants.
More details on how to submit suspicious files, emails, or URLs to Microsoft's security team for Office 365 scanning are available HERE.
Enhanced Office 365 malicious email analysis
Microsoft is also rolling out better malicious emails analysis capabilities for Office 365 which were announced in late July and allowing Microsoft 365 admins with access to Threat Explorer to preview and download malicious emails for further examination.
Threat Explorer is a Security & Compliance Center tool available to Office 365 Advanced Threat Protection (ATP) Plan 2 customers which allows SecOps teams to review and react to malware and phishing threats that reach their users' inboxes.
A new email timeline is also now part of the Office 365 Threat Explorer to distinguish between multiple events being triggered for the same malicious email.
This new addition considerably simplifies the hunting process by saving some of the time wasted while focusing on multiple points of interest during the analysis process.
A guide on how to use the Threat Explorer and real-time detections to detect and analyze malicious content is also provided by Microsoft, with detailed instructions related to reviewing user-reported emails, viewing data on phishing URLs, as well as on how to start automated investigations to save huge amounts of time.
.jpg)
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now