MC788953 – (Updated) Microsoft Defender for Office 365: New added feature called the Take action wizard in Threat Explorer. (archived)

cloudscout.one Icon

check before: 2024-05-14

Product:

Defender, Defender for Office 365, Defender XDR, Microsoft 365 Defender

Platform:

US Instances, Web, World tenant

Status:

Launched

Change type:

Feature update, Admin impact

Links:

393937

Details:

Summary:
Microsoft Defender for Office 365 has introduced a new feature called Take action wizard in Threat Explorer, allowing execution of multiple response actions simultaneously. This enhancement aids in efficient threat remediation, supporting actions like email purging, inline submissions, and Tenant level block actions for up to 100 messages. Rollout began in mid-April 2024 and will complete by late June 2024. Users need the Search and Purge role to perform email purge actions.

Details:
Updated July 5, 2024: We are evaluating the timeline for GCC customers at this time and will communicate via Message center when we are ready to proceed. Thank you for your patience.
Microsoft Defender for office 365 Services now allows the execution of several response actions simultaneously through the Take action wizard in Threat Explorer/ Realtime detection.
Many Security analyst teams use Threat explorer to execute bulk email remediation actions, and we’re enhancing this capability with an improved Take action feature. This feature facilitates a more streamlined and efficient remediation of threats.
With the new Take action wizard, you can perform multiple actions such as purging emails, inline submissions, triggering investigations, and Tenant level block actions together with a single wizard up to 100 messages. Moreover, you can take Tenant level block URL/file actions directly from Threat explorer.
Alternatively, if you want to perform bulk email remediation for more than 100, this new wizard will enable you to do that in an organized manner.
Some of the actions are not available based on the current location of the message, but if there is a conflict, the new experience gives more options and power through toggle. SecOps can use toggle choices to turn them on/off as desired and take proper action.
This message is associated with Microsoft 365 Roadmap ID 393937
[When this will happen:]
General Availability (Worldwide): Rollout began in mid-April 2024 and expect to complete by late June 2024.
General Availability (GCC): On-hold.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2024-04-30

updated:
2024-07-06

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2024-07-06MC MessagesMicrosoft Defender for office 365 Services now allows the execution of several response actions simultaneously through the Take action wizard in Threat Explorer/ Realtime detection.
Many Security analyst teams use Threat explorer to execute bulk email remediation actions, and we’re enhancing this capability with an improved Take action feature. This feature facilitates a more streamlined and efficient remediation of threats.
With the new Take action wizard, you can perform multiple actions such as purging emails, inline submissions, triggering investigations, and Tenant level block actions together with a single wizard up to 100 messages. Moreover, you can take Tenant level block URL/file actions directly from Threat explorer.
Alternatively, if you want to perform bulk email remediation for more than 100, this new wizard will enable you to do that in an organized manner.
Some of the actions are not available based on the current location of the message, but if there is a conflict, the new experience gives more options and power through toggle. SecOps can use toggle choices to turn them on/off as desired and take proper action.
This message is associated with Microsoft 365 Roadmap ID 393937
[When this will happen:]
General Availability (Worldwide): Rollout began in mid-April 2024 and expect to complete by late June 2024.
General Availability (GCC): We will begin rolling out mid-May 2024 and expect to complete by late June 2024.
Updated July 5, 2024: We are evaluating the timeline for GCC customers at this time and will communicate via Message center when we are ready to proceed. Thank you for your patience.
Microsoft Defender for office 365 Services now allows the execution of several response actions simultaneously through the Take action wizard in Threat Explorer/ Realtime detection.
Many Security analyst teams use Threat explorer to execute bulk email remediation actions, and we’re enhancing this capability with an improved Take action feature. This feature facilitates a more streamlined and efficient remediation of threats.
With the new Take action wizard, you can perform multiple actions such as purging emails, inline submissions, triggering investigations, and Tenant level block actions together with a single wizard up to 100 messages. Moreover, you can take Tenant level block URL/file actions directly from Threat explorer.
Alternatively, if you want to perform bulk email remediation for more than 100, this new wizard will enable you to do that in an organized manner.
Some of the actions are not available based on the current location of the message, but if there is a conflict, the new experience gives more options and power through toggle. SecOps can use toggle choices to turn them on/off as desired and take proper action.
This message is associated with Microsoft 365 Roadmap ID 393937
[When this will happen:]
General Availability (Worldwide): Rollout began in mid-April 2024 and expect to complete by late June 2024.
General Availability (GCC): On-hold.
2024-07-06MC TitleMicrosoft Defender for Office 365: New added feature called the Take action wizard in Threat Explorer.(Updated) Microsoft Defender for Office 365: New added feature called the Take action wizard in Threat Explorer.
2024-07-06MC Last Updated04/30/2024 01:04:322024-07-05T19:47:46Z

*starting April 2022

Last updated 4 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!