MC296611 – (Updated) Microsoft Defender for Office 365: Introducing Built-In-Protection

cloudscout.one Icon

check before: 2021-11-19

Product:

Defender, Defender for Office 365, Microsoft 365 Defender, Microsoft Defender for Office 365

Platform:

US Instances, Web, World tenant

Status:

Rolling out

Change type:

Admin impact, New feature, Updated message

Links:

72208

Details:

Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2021-11-06

updated:
2022-08-31

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2022-08-31MC Last Updated07/28/2022 19:17:152022-08-30T23:03:12Z
2022-08-31MC MessagesUpdated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-08-31MC End Time09/30/2022 09:00:002022-11-04T08:00:00Z
2022-08-27MC prepareNo security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-settings
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208
No security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
ps://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-setti
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208
2022-07-29MC Last Updated06/30/2022 20:10:372022-07-28T19:17:15Z
2022-07-29MC MessagesUpdated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
Updated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-29MC End Time08/31/2022 09:00:002022-09-30T09:00:00Z
2022-07-01MC Last Updated05/05/2022 21:44:212022-06-30T20:10:37Z
2022-07-01MC MessagesUpdated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
Updated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-01MC End Time07/22/2022 09:00:002022-08-31T09:00:00Z
2022-05-06MC Last Updated03/04/2022 21:58:372022-05-05T21:44:21Z
2022-05-06MC MessagesUpdated March 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late April (previously late February).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
Updated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-05-06MC End Time06/13/2022 09:00:002022-07-22T09:00:00Z

*starting April 2022

Last updated 4 weeks ago

Login to your account

Welcome Back, We Missed You!