55742 – Automated Incident Response for compromised user accounts (archived)

All environments, General Availability, Launched, Office 365 Advanced Threat Protection

check before: 2020-02-29

Product:

Advanced Threat Protection - Azure (ATP), Advanced Threat Protection - Office 365, Azure Active Directory, Cloud App Security, Defender ATP, Exchange

Platform:

Online, Web, World tenant

Status:

Launched

Change type:

Links:

Details:

We're adding a new playbook for automated investigation and remediation of compromised user accounts. With the new playbook for detecting compromised users, security teams can automatically identify, mitigate, and contain threats due to these user accounts, reducing potential damages significantly. The playbook will trigger automatic investigations for users with abnormal sending patterns or users restricted from sending email. The playbook will also provide valuable insights into how the user was compromised, if the user clicked on a bad link or it changed state, or if the user performed some malicious activity, such as sending phish or malware and other critical information including what actions the security team performed.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2019-09-27

updated:
2020-09-01

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Get a Plan

Last updated 2 years ago

MC724832 - Microsoft Defender for Office 365: User… 6. March 2024 Administration check before: 2024-03-20 Product: Defender, Defender for Office 365, Defender XDR Platform: US Instances, Web, World tenant Status: Launched Change type: New feature, User impact Links: 186575 Details: Microsoft Defender for Office 365 now allows…
373310 - Microsoft Purview compliance portal: Data… 11. January 2024 Administration check before: 2024-03-01 Product: Purview Communication Compliance, Purview Data Loss Prevention Platform: Web, World tenant Status: In development Change type: Links: Details: You can now elevate your DLP incident management with the power of customizable…
MC716666 - Improving licensing checks for secondary… 17. February 2024 Administration check before: 2024-03-02 Product: Exchange, Microsoft 365 Apps, Outlook Platform: Online, Web, World tenant Status: Change type: Feature update, User impact, Admin impact Links: Details: Starting February 1, 2024, the new Outlook for Windows will…
MC719659 - (Updated) Microsoft Teams: Access work,… 27. February 2024 Administration check before: 2024-03-12 Product: Microsoft 365 Apps, Teams, Windows, Windows Virtual Desktop Platform: Mac, Windows Desktop, World tenant Status: In development Change type: Admin impact, New feature, Updated message, User impact Links: 383006 Details: Starting…
MC719655 - (Updated) Microsoft Teams admin center… 27. February 2024 Administration check before: 2024-03-12 Product: Microsoft 365 admin center, Teams Platform: US Instances, World tenant Status: Change type: Admin impact, Feature update, Updated message Links: Details: The Microsoft Teams admin center search bar will now support…
MC711335 - (Updated) Microsoft Defender for Office… 31. January 2024 Administration *For this entry exists the more relevant or more recent entry MC718246 check before: 2024-02-14 Product: Defender, Defender for Office 365, Defender XDR, Exchange Platform: Online, US Instances, Web, World tenant Status: Rolling out Change…

Share to MS Teams

55742 – Automated Incident Response for compromised user accounts (archived)

check before: 2020-02-29

Related Posts:

cloudscout.one

Schierding.one GmbH

become an evergreen hero

Hey there! We've got some great news - our Basic Plus plan has everything you need to succeed, and it's completely free! So, don't hesitate - take advantage of this amazing opportunity today!

Welcome Back, We Missed You!