MC296611 – (Updated) Microsoft Defender for Office 365: Introducing Built-In-Protection

cloudscout.one Icon

check before: 2021-11-19

Product:

Defender, Defender for Office 365, Microsoft 365 Defender, Microsoft Defender for Office 365

Platform:

US Instances, Web, World tenant

Status:

Rolling out

Change type:

Admin impact, New feature, Updated message

Links:

72208

Details:

Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2021-11-06

updated:
2022-08-31

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Login
Get a Plan

changes*

DatePropertyoldnew
2022-08-31MC Last Updated07/28/2022 19:17:152022-08-30T23:03:12Z
2022-08-31MC MessagesUpdated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-08-31MC End Time09/30/2022 09:00:002022-11-04T08:00:00Z
2022-08-27MC prepareNo security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-settings
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208		No security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
ps://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-setti
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208
2022-07-29MC Last Updated06/30/2022 20:10:372022-07-28T19:17:15Z
2022-07-29MC MessagesUpdated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-29MC End Time08/31/2022 09:00:002022-09-30T09:00:00Z
2022-07-01MC Last Updated05/05/2022 21:44:212022-06-30T20:10:37Z
2022-07-01MC MessagesUpdated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-01MC End Time07/22/2022 09:00:002022-08-31T09:00:00Z
2022-05-06MC Last Updated03/04/2022 21:58:372022-05-05T21:44:21Z
2022-05-06MC MessagesUpdated March 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late April (previously late February).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-05-06MC End Time06/13/2022 09:00:002022-07-22T09:00:00Z

*starting April 2022

Last updated 4 weeks ago

Related Posts:

  • 93262 - Microsoft Defender for Office 365: Configurable impersonation protection sender and domain lists and scoping in Preset Security policy
    93262 - Microsoft Defender for Office 365: Configurable…     18. May 2022 check before: 2022-06-01 Product: Defender, Defender for Office 365 Platform: US Instances, Web, World tenant Status: Launched Change type: Feature update, Admin impact Links: (MC388229) Details: We're adding capabilities within preset security policies (Strict and…
  • 93436 - Microsoft Defender for Office 365: Enforce authentication to pass on AntiSpam allowed domains & senders for Spoof protection
    93436 - Microsoft Defender for Office 365: Enforce…     10. August 2022 *For this entry exists the more relevant or more recent entry MC415186 check before: 2022-09-01 Product: Defender, Defender for Office 365 Platform: US Instances, Web, World tenant Status: In development Change type: Feature update, Admin…
  • MC406649 - AAD Security Reader Role in Microsoft Defender for Cloud Apps - Alignment with Microsoft 365 Defender
    MC406649 - AAD Security Reader Role in Microsoft Defender…     29. July 2022 check before: 2022-08-28 Product: Azure Active Directory, Defender, Defender for Cloud Apps, Microsoft 365 Defender Platform: World tenant, Online Status: Change type: User impact, Admin impact Links: Details: Currently the AAD “Security Reader” role can…
  • 98922 - Microsoft Defender for Identity: User page enhancements in Microsoft 365 Defender
    98922 - Microsoft Defender for Identity: User page…     30. August 2022 *For this entry exists the more relevant or more recent entry MC431144 check before: 2022-11-01 Product: Defender, Defender for Identity, Microsoft 365 Defender, Microsoft 365 Groups Platform: Web, World tenant Status: In development Change type:…
  • 98921 - Microsoft Defender for Identity: User activity timeline in Microsoft 365 Defender
    98921 - Microsoft Defender for Identity: User activity…     31. August 2022 check before: 2022-12-01 Product: Defender, Defender for Identity, Microsoft 365 Defender Platform: Web, World tenant Status: In development Change type: Feature update, User impact Links: Details: Using the activity timeline from the Microsoft Defender for…
  • MC411677 - Microsoft Information Protection: Maintain label and protection when creating PDF files from VBA in Office apps
    MC411677 - Microsoft Information Protection: Maintain label…     10. August 2022 check before: 2022-08-24 Product: Microsoft 365 Apps, Purview Communication Compliance, Purview Information Protection Platform: Developer, Windows Desktop, World tenant Status: In development Change type: New feature, Admin impact Links: 93406 Details: This feature is for…

5 Responses

  1. Pingback: 2022 CW 35 Microsoft 365 Message Center changes | cloudscout.one
  2. Pingback: 2022 CW 36 Microsoft 365 Message Center changes | cloudscout.one
  3. Pingback: 2022 CW 31 Microsoft 365 Message Center changes | cloudscout.one
  4. Pingback: 2021 CW 45 Microsoft 365 Message Center changes | cloudscout.one
  5. Pingback: 2022 CW 03 Microsoft 365 Message Center changes | cloudscout.one

Leave a Reply

cloudscout.one

Consolidated Microsoft 365 Roadmap and Message Center analysis for Office 365 operations and change management.

Share on

Support

Schierding.one GmbH

Alleenstraße 16
78549 Spaichingen
Phone: +49 (0)7424 60899-09
E-Mail: info@schierding.one
Amtsgericht Stuttgart (HRB 767585)
USt-ID DE321821109

Legal:

Privacy Policy

Imprint

FAQ

Login to your account

Welcome Back, We Missed You!