*For this entry exists the more relevant or more recent entry (MC978927)
check before: 2025-02-01
Product:
Defender, Defender for Office 365
Platform:
US Instances, Web, World tenant
Status:
Launched
Change type:
Links:
(MC978927)
Details:
The AIR attribution update will empower customers with enhanced insights by deciphering between remediations produced by AIR versus truly manual remediations initiated independently by SecOps teams. Presently, all actions produced by AIR and approved by SecOps are logged as manual remediations throughout the portal. With this update, messages that are remediated as a result of approval of an AIR action will be logged as SecOps approved automated actions.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2024-04-17
updated:
2025-02-20
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Direct effects for Operations**
- Direct Impact on IT Operations
- Changes in logging mechanisms for remediation actions
- Potential for confusion among IT administrators regarding the source of remediation actions (AIR vs. manual)
- Roles impacted: IT Security Teams, IT Administrators
- Need for updated training and documentation to reflect new logging practices
- Roles impacted: IT Training Coordinators, IT Support Staff
- Direct Impact on IT Services
- Altered reporting and analytics capabilities
- Reports may need to be adjusted to differentiate between automated and manual actions, affecting service delivery and performance metrics
- Roles impacted: IT Service Managers, Compliance Officers
- Potential for increased workload on IT teams to analyze and interpret new logs
- Roles impacted: IT Analysts, Security Operations Center (SOC) Teams
References:
- Microsoft Defender for Office 365 documentation: [Microsoft Docs](https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-worldwide)
- AIR (Automated Investigation and Response) capabilities: [Microsoft Tech Community](https://techcommunity.microsoft.com/t5/security-compliance-identity/automated-investigation-and-response-in-microsoft-defender-for/ba-p/1949913)
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-02-20 | RM Status | In development | Launched |
| 2025-01-08 | RM Release | September CY2024 | February CY2025 |
Last updated 5 months ago
