| 88528 |
Microsoft 365 compliance center: Insider Risk Management analytics |
The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. This is currently available in public preview. |
The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. This is currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88492 |
Microsoft 365 compliance center: Insider risk management – Native triggers for Azure AD account deletion |
Automatically detect user account deletion in Azure Active Directory for your organization to start scoring for risk indicators in the Data theft by departing users policy template. This is currently available in public preview. |
Automatically detect user account deletion in Azure Active Directory for your organization to start scoring for risk indicators in the Data theft by departing users policy template. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88491 |
Microsoft 365 compliance center: Insider risk management – User activity reports |
User activity reports allow you to examine activities for specific users for a defined time period without having to assign them temporarily or explicitly to an insider risk management policy. This is currently available in public preview. |
User activity reports allow you to examine activities for specific users for a defined time period without having to assign them temporarily or explicitly to an insider risk management policy. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
03/01/2022 |
| 88490 |
Microsoft 365 compliance center: Insider risk management – Device indicators |
These include policy indicators for activities such as sharing files over the network or with devices. This is currently available in public preview. |
These include policy indicators for activities such as sharing files over the network or with devices. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88489 |
Microsoft 365 compliance center: Insider risk management – Enhancements to content explorer |
The Microsoft 365 Insider risk management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. This is currently available in public preview. |
The Microsoft 365 Insider risk management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88488 |
Microsoft 365 compliance center: Insider risk management – Policy customization |
You can now customize the thresholds for the policy indicators that influence an activity's risk score, which in turn determines whether an alert's severity is low, medium, or high. This is currently available in public preview. |
You can now customize the thresholds for the policy indicators that influence an activity's risk score, which in turn determines whether an alert's severity is low, medium, or high. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88487 |
Microsoft 365 compliance center: Insider risk management – Intelligent detections: Domain settings |
You can specify domains in global settings which helps you to increase or decrease the risk scoring for activity that takes place with these domains. Additionally, you can use wildcards to help match variations of root domains or subdomains. This is currently available in public preview. |
You can specify domains in global settings which helps you to increase or decrease the risk scoring for activity that takes place with these domains. Additionally, you can use wildcards to help match variations of root domains or subdomains. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88486 |
Microsoft 365 compliance center: Insider risk management – "Watch the watchers" audit trail |
The insider risk management audit log enables you to stay informed on the actions that were taken on insider risk management features. This is currently available in public preview. |
The insider risk management audit log enables you to stay informed on the actions that were taken on insider risk management features. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88485 |
Microsoft 365 compliance center: Insider risk management – Policy health status |
The policy health status gives you insights into any potential issues with your insider risk management policies. This is currently available in public preview. |
The policy health status gives you insights into any potential issues with your insider risk management policies. Thisis currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 88484 |
Microsoft 365 compliance center: Insider risk management – File exfiltration signals from Edge or Chrome browsers |
This allows your organization to detect and act on browser exfiltration signals for all non-executable files viewed in Microsoft Edge and Google Chrome browsers. This is currently available in public preview. |
This allows your organization to detect and act on browser exfiltration signals for all non-executable files viewed in Microsoft Edge and Google Chrome browsers. This is currently available in public preview. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 85589 |
Microsoft 365 compliance center: HR 1.2 Connector for Government clouds |
You can set up a connector in the Microsoft 365 compliance center to import human resources (HR) related events such as a user's resignation or a change in a user's job level. This information can be used by the Microsoft 365 insider risk management solution to bring users under scope of data theft/leak policies and enrich risk insights. |
You can set up a connector in the Microsoft 365 compliance center to import human resources (HR) related events such as a user's resignation or a change in a user's job level. This information can be used by the Microsoft 365 insider risk management solution to bring users under scope of data theft/leak policies and enrich risk insights. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85588 |
Microsoft 365 compliance center: Physical badging Connector for Government clouds |
You can set up a connector in the Microsoft 365 compliance center to import physical badging data, such as employee’s raw physical access events or any physical access alarms generated by your organization's badging system. This information can be used by the Microsoft 365 insider risk management solution to generate risk indicators that can help you identify possible malicious activity or data theft inside your organization. |
You can set up a connector in the Microsoft 365 compliance center to import physical badging data, such as employee’s raw physical access events or any physical access alarms generated by your organization's badging system. This information can be used by the Microsoft 365 insider risk management solution to generate risk indicators that can help you identify possible malicious activity or data theft inside your organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85581 |
Microsoft 365 Compliance center: Insider risk management - Enhancements to Export Alerts |
For the Export alerts feature, we have increased the frequency in which alerts are sent to the Office 365 Management Activity API to every hour (previously every 12 hours) so you can have more updated alert information available. |
For the Export alerts feature, we have increased the frequency in which alerts are sent to the Office 365 Management Activity API to every hour (previously every 12 hours) so you can have more updated alert information available. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85580 |
Microsoft 365 Compliance center: Insider risk management - Enhancements to User Activity experience |
Within the user activity tab in a case, we have made enhancements to improve the activity review experience. |
Within the user activity tab in a case, we have made enhancements to improve the activity review experience. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85579 |
Microsoft 365 Compliance center: Insider risk management - Enhancements to Cumulative exfiltration activities |
Enhancements to the cumulative exfiltration activity presentation to update how we explain the user’s activity compared to the organization. Enhancements to assign higher risk scores when cumulative exfiltration activity involves Microsoft Information Protection labels that have been configured as priority content in a policy. |
Enhancements to the cumulative exfiltration activity presentation to update how we explain the user’s activity compared to the organization. Enhancements to assign higher risk scores when cumulative exfiltration activity involves Microsoft Information Protection labels that have been configured as priority content in a policy. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85578 |
Microsoft 365 Compliance center: Insider risk management - Enhanced alert review experience |
Enhancements to the alert overview experience to improve explanation of why an alert was created and improve ability to review the riskiest activity in an alert. |
Enhancements to the alert overview experience to improve explanation of why an alert was created and improve ability to review the riskiest activity in an alert. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85577 |
Microsoft 365 Compliance center: Insider risk management - Admin email notifications |
This item has been delayed, and will be added back to the roadmap when the schedule is determined. An admin email notification will be sent when the first alert is generated after a new policy is created. This email will be deployed to all admins within the Insider Risk Management, Analyst, and Investigator role groups. |
This item has beendelayed, and will be added back to the roadmap when the schedule is determined. An admin email notification will be sent when the first alert is generated after a new policy is created. This email will be deployed to all admins within the Insider Risk Management, Analyst, and Investigator role groups. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 85576 |
Microsoft 365 Compliance center: Insider risk management - Guided onboarding experience: recommended actions |
Recommended actions that an admin should take for a complete onboarding experience. In-product guided walkthrough on how to complete onboarding actions such as selecting indictors, setting up a policy, and how to investigate an alert. |
Recommended actions that an admin should take for a complete onboarding experience. In-product guided walkthrough on how to complete onboarding actions such as selecting indictors, setting up a policy, and how to investigate an alert. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83966 |
Microsoft Compliance center: Increased set of first-party indicators for Insider Risk Management |
The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. |
The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83965 |
Microsoft Compliance center: Insider Risk Management: Microsoft Defender for Endpoint alerts |
Enables you to import indicators from Microsoft Defender for Endpoint related to unapproved or malicious software installation or bypassing security controls. |
Enables you to import indicators from Microsoft Defender for Endpoint related to unapproved or malicious software installation or bypassing security controls. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83964 |
Microsoft Compliance center: Insider Risk Management: Security policy violations by disgruntled users |
Detects security violations by users near a stressor event. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. |
Detects security violations by users near a stressor event. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83963 |
Microsoft Compliance center: Insider Risk Management: Security policy violations by departing users |
Detects security violations by departing users near their resignation or termination date. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. |
Detects security violations by departing users near their resignation or termination date. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83962 |
Microsoft Compliance center: Insider Risk Management: Security policy violations by priority users |
Detects security violations by users included in a priority user group. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. |
Detects security violations by users included in a priority user group. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices on devices onboarded to your organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83961 |
Microsoft Compliance center: Insider Risk Management: General Security Policy Violations |
Detects general security violations by users. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. |
Detects general security violations by users. Includes activity generated by Microsoft Defender for Endpoint alerts, which detect possible security violations performed on devices onboarded to your organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83960 |
Microsoft Compliance center: Insider Risk Management integration with Teams and Power Automate |
Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. |
Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83959 |
Microsoft Compliance center: Insider Risk Management: Data leaks by disgruntled users |
Detects data leaks by users near a stressor event. |
Detects data leaks by users near a stressor event. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83958 |
Microsoft Compliance center: Insider Risk Management: Intelligent detections – Domain settings |
Intelligent detection domain settings help you define risk levels for activities to specific domains. By specifying domains in these settings, you can increase or decrease the risk scoring for activity that takes place with these domains. |
Intelligent detection domain settings help you define risk levels for activities to specific domains. By specifying domains in these settings, you can increase or decrease the risk scoring for activity that takes place with these domains. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83957 |
Microsoft Compliance center: Enhanced policy creation wizard, policy customization, and policy health check for Insider Risk Management |
We're improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration and ability to customize policy templates to meet the unique needs of your organization. Additionally, Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. |
We're improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration and ability to customize policy templates to meet the unique needs of your organization. Additionally, Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83956 |
Microsoft Compliance center: Insider Risk Management: Define priority user groups and detect data leaks by priority users |
Define users in your organization that need closer inspection based on factors such as their position, level of access to sensitive information, or risk history. Once created, these groups can be included in certain policy templates, such as detecting data leaks by users included in a priority user group. |
Define users in your organization that need closer inspection based on factors such as their position, level of access to sensitive information, or risk history. Once created, these groups can be included in certain policy templates, such as detecting data leaks by users included in a priority user group. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83955 |
Microsoft Compliance center: Insider Risk Management integration with Teams and Power Automate |
Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. |
Insider Risk Management integration with Microsoft Teams allows for richer collaboration across an organization. Additionally, integration with Power Automate allows organizations to configure Power Automate flows to automate tasks for Insider Risk Management cases and users. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83954 |
Microsoft Compliance center: Insider Risk Management recognizes device indicators |
Policy indicators are now available to capture signals from Windows 10 endpoints to deliver new insights related to obfuscation, exfiltration, and infiltration of sensitive information. |
Policy indicators are now available to capture signals from Windows 10 endpoints to deliver new insights related to obfuscation, exfiltration, and infiltration of sensitive information. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 83953 |
Microsoft Compliance center: Insider Risk Management data appears in Activity Explorer |
Activity explorer provides risk investigators and analysts with a comprehensive tool that surfaces detailed information about alerts to enhance the alert triage experience. |
Activity explorer provides risk investigators and analysts with a comprehensive tool that surfaces detailed information about alerts to enhance the alert triage experience. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
07/01/2021 |
| 83952 |
Microsoft Compliance center: Insider Risk Management data appears in Activity Explorer |
Activity explorer provides risk investigators and analysts with a comprehensive tool that surfaces detailed information about alerts to enhance the alert triage experience. |
Activity explorer provides risk investigators and analysts with a comprehensive tool that surfaces detailed information about alerts to enhance the alert triage experience. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
06/01/2021 |
| 82153 |
Microsoft 365 compliance center: Insider risk management - Healthcare connector and policy template |
New healthcare policy template with built-in indicators that leverages data from Epic and other electronic medical records (EMR) solutions – using our Data Connectors - to help healthcare companies identify potential insider risks related to patient data misuse. |
New healthcare policy template with built-in indicators that leverages data from Epic and other electronic medical records (EMR) solutions – using our Data Connectors - to help healthcare companies identify potential insider risks related to patient data misuse. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82152 |
Microsoft 365 compliance center: Insider risk management - Exfiltration signals from macOS |
Endpoint exfiltration signals for Office, PDF, and CSV files from macOS endpoints. |
Endpoint exfiltration signals for Office, PDF, and CSV files from macOS endpoints. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82151 |
Microsoft 365 compliance center: Insider risk management - Integration with Microsoft Sentinel |
New integration with Microsoft Sentinel provides the flexibility to collect, detect, and investigate insider risk activities within Microsoft Sentinel. This native connector allows for seamless import of alerts, which provides analysts with a single pane of glass to review alerts for insider risk in a broader organizational context. |
New integration with Microsoft Sentinel provides the flexibility to collect, detect, and investigate insider risk activities within Microsoft Sentinel. This native connector allows for seamless import of alerts, which provides analysts with a single pane of glass to review alerts for insider risk in a broader organizational context. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82145 |
Microsoft 365 compliance center: Insider risk management - New ML detectors |
New detections powered by machine learning (ML) to help uncover hidden insider risks. |
New detections powered by machine learning (ML) to help uncover hidden insider risks. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82144 |
Microsoft 365 compliance center: Insider risk management - Increased visibility on browsers |
Increased visibility of risky activity using browsers and associated insider risk policy templates. |
Increased visibility of risky activity using browsers and associated insider risk policy templates. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82143 |
Microsoft 365 compliance center: Insider risk management - Policy customization enhancements |
Ability to fine-tune policies to trigger on precise exfiltration events. |
Ability to fine-tune policies to trigger on precise exfiltration events. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82142 |
Microsoft 365 compliance center: Insider risk management - Triage and investigation improvements |
Enhancements including historical insight for Exchange Online, ingest triggering events into Activity explorer. |
Enhancements including historical insight for Exchange Online, ingest triggering events into Activity explorer. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82127 |
Microsoft Compliance center: Ability to export Insider Risk Management alerts |
Insider risk management alert information is exportable to security information and event management (SIEM) services via the Office 365 Management Activity API schema. |
Insider risk management alert information is exportable to security information and event management (SIEM) services via the Office 365 Management Activity API schema. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
11/01/2021 |
| 82126 |
Microsoft Compliance center: Insider Risk Management supports native triggers for Azure Active Directory account deletion |
Automatically detect user account deletion in Azure Active Directory for your organization to start scoring for risk indicators in the Data theft by departing users policy template. |
Automatically detect user account deletion in Azure Active Directory for your organization to start scoring for risk indicators in the Data theft by departing users policy template. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70717 |
Microsoft 365 compliance center: ServiceNow template for PowerAutomate available within Insider Risk Management |
A ServiceNow PowerAutomate template will be provided to integrate Insider Risk Management with ServiceNow. |
A ServiceNow PowerAutomate template will be provided to integrate Insider Risk Management with ServiceNow. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70716 |
Microsoft 365 compliance center: Enhanced policy creation wizard for Insider Risk Management |
We're improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration. |
We're improving the experience of Insider Risk Management policy creation, including enhanced guard rails to enforce proper policy configuration. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70715 |
Microsoft 365 compliance center: Enhanced user management in Insider Risk Management solution |
We're improving the experience around manually adding or removing users from Insider Risk Management policy scoring scope. |
We're improving the experience around manually adding or removing users from Insider Risk Management policy scoring scope. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70714 |
Microsoft 365 compliance center: Policy health check for Insider Risk Management |
Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. |
Insider Risk Management will now surface policy status to identify misconfigured policies which could impact detections. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70713 |
Microsoft 365 compliance center: Insider Risk Management supports sequencing |
Insider Risk Management will improve fidelity of detections by looking for sequences of events over time. Sequences include collection followed by data exfiltration, obfuscation before exfiltration, or exfiltration followed by cleanup. |
Insider Risk Management will improve fidelity of detections by looking for sequences of events over time. Sequences include collection followed by data exfiltration, obfuscation before exfiltration, or exfiltration followed by cleanup. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70712 |
Microsoft 365 compliance center: Insider Risk Management supports native triggers |
The Microsoft 365 Insider Risk Management solution will now leverage native triggers for Data Leak or Departing Employee Data Theft policy templates. |
The Microsoft 365 Insider Risk Management solution will now leverage native triggers for Data Leak or Departing Employee Data Theft policy templates. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70711 |
Microsoft 365 compliance center: Insider Risk Management supports fine-grained role-based access control |
Insider Risk Management will now limit visibility of alerts and cases related to priority users to specific IRM Analysts or IRM Investigators. |
Insider Risk Management will now limit visibility of alerts and cases related to priority users to specific IRM Analysts or IRM Investigators. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70633 |
Microsoft 365 compliance center: Insider Risk Management analytics |
The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. |
The Microsoft 365 Insider Risk Management solution will now provide aggregated and anonymized analytics to help identify potential insider risk activity within the organization. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70632 |
Microsoft 365 compliance center: Content explorer enhancements for Insider Risk Management |
The Microsoft 365 Insider Risk Management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. |
The Microsoft 365 Insider Risk Management solution will have an improved performance and experience within the content explorer, including transparency of document loads and completeness. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70631 |
Microsoft 365 compliance center: Enhanced support for domains in Insider Risk Management |
Insider Risk Management now support enhanced classification of unallowed, allowed, and third-party domains leveraging wildcards. This helps improve classification of detections. |
Insider Risk Management now support enhanced classification of unallowed, allowed, and third-party domains leveraging wildcards. This helps improve classification of detections. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 70630 |
Microsoft 365 compliance center: Insider Risk Management recognizes sensitivity label downgrade |
Insider Risk Management will now be able to identify documents where the user successfully downgrades the sensitivity label applied on it. |
Insider Risk Management will now be able to identify documents where the user successfully downgrades the sensitivity label applied on it. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 68924 |
Microsoft 365 compliance center: Increased set of first-party indicators for Insider Risk Management |
The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. |
The Microsoft 365 Insider Risk Management solution will now recognize an increase set of first party indicators, including Endpoint (Windows 10), Microsoft Teams, Azure Active Directory, SharePoint Online, and Microsoft Cloud Access Security. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 68921 |
Microsoft 365 compliance center: "Watch-the-watchers" audit trail for Insider Risk Management |
Audit and review activities of IRM Analyst, IRM Investigator, and IRM Admin roles within the Microsoft 365 Insider Risk Management solution. The audit trail will be available for a new role (IRM Auditor) to maintain integrity of an independent audit control. |
Audit and review activities of IRM Analyst, IRM Investigator, and IRM Admin roles within the Microsoft 365 Insider Risk Management solution. The audit trail will be available for a new role (IRM Auditor) to maintain integrity of an independent audit control. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 68710 |
Microsoft 365 compliance center: Insider Risk Management solution available for DoD |
Announcing the general availability of the Insider Risk Management solution within the Microsoft 365 compliance center for DoD cloud environments. |
Announcing the general availability of the Insider Risk Management solution within the Microsoft 365 compliance center for DoD cloud environments. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
06/01/2021 |
| 61225 |
Insider Risk Management: Integration with Communication Compliance |
Ability to leverage Communication Compliance capabilities to identify additional risk areas |
Ability to leverage Communication Compliance capabilities to identify additional risk areas. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 82145 |
Microsoft 365 compliance center: Insider risk management - New ML detectors |
New detections powered by machine learning (ML) to help uncover hidden insider risks. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
New detections powered by machine learning (ML) to help uncover hidden insider risks. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy. |
N/A |
| 66583 |
Microsoft Teams: Search results page in Teams |
A new search experience in Teams will make finding messages, people, answers, and files faster and more intuitive. A redesigned search results page provides better context and faster results, with AI-powered relevance based on the people and content you engage with most in Teams and other Microsoft 365 services. |
A new search results page experience in Teams will make finding messages, people, answers, and files faster and more intuitive. A new All page to show top results from each domain, Bookmark and Acronym Answers, decluttered search result snippets, preview message results for more context, more discoverable filters, previews for files - with better relevance based on the people and content you engage with most in Teams and other Microsoft 365 services. |
11/01/2021 |
