check before: 2025-06-01
Product:
Defender, Defender for Office 365, Defender XDR, OneDrive, SharePoint, Teams
Platform:
Online, US Instances, World tenant
Status:
Change type:
New feature, User impact, Admin impact
Links:
Details:
Summary:
Microsoft Defender for Office 365 is introducing two new data tables, CampaignInfo and FileMaliciousContentInfo, in Advanced hunting. Public Preview starts in early June 2025, with General Availability in early July 2025. These tables will help SOC teams investigate email campaigns and malicious files. No admin action is required.
Details:
Coming soon for Microsoft Defender for Office 365: We are excited to announce the new CampaignInfo and FileMaliciousContentInfo data tables in Advanced hunting under Email & collaboration schema.
[When this will happen:]
Public Preview: We will begin rolling out early June 2025 and expect to complete by late June 2025.
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early July 2025 and expect to complete by late July 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-06-06
updated:
2025-06-06
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft Defender for Office 365 is adding two new data tables, CampaignInfo and FileMaliciousContentInfo, to its Advanced hunting feature, enabling security teams to investigate email threats and malicious files more effectively, with automatic availability starting June 2025.
Direct effects for Operations**
Introduction of new data tables in Advanced hunting
The addition of CampaignInfo and FileMaliciousContentInfo tables may lead to confusion among users who are not familiar with the new features, potentially resulting in misinterpretation of data and ineffective threat response.
- roles: SOC Analyst, IT Support
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-for-office-365-two-new-data-tables-in/ba-p/1234567
Automatic rollout of new features
The automatic rollout without prior preparation may disrupt existing workflows for SOC teams, as they may not be ready to utilize the new tables effectively, leading to delays in threat investigation and response.
- roles: SOC Analyst, IT Manager
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-defender-for-office-365-two-new-data-tables-in/ba-p/1234567
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago
