check before: 2025-02-01
Product:
Defender, Defender for Office 365, Exchange, Outlook
Platform:
Online, Web, World tenant
Status:
In development
Change type:
New feature, User impact, Admin impact
Links:
Details:
Summary:
Defender for Office 365 now allows administrators to configure the system to send messages reported by third-party add-ins to Microsoft for analysis. This feature is part of the Microsoft 365 Roadmap ID 406167 and will be available in early February 2025. Configuration steps are provided for users to enable this setting.
Details:
Administrators and security operators who are using third-party report message solutions in Microsoft Outlook to allow their users to report suspicious messages (for example, Knowbe4, Hoxhunt, Cofense, Proofpoint add-ins, and so on) can now configure Defender for Office 365 to automatically send these messages to Microsoft for analysis.
This message is associated with Microsoft 365 Roadmap ID 406167.
[When this will happen:]
General Availability: We will begin rolling out early February 2025 and expect to complete by mid-February 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2024-12-21
updated:
2025-01-15
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft Defender for Office 365 will introduce a feature in February 2025 that allows administrators to send messages reported by third-party add-ins directly to Microsoft for analysis, enhancing security by leveraging Microsoft's capabilities and enabling automated investigations for phishing messages in organizations with Defender for Office 365 Plan 2.
Direct effects for Operations**
User Reporting Configuration
If the configuration is not properly set before the change, users may not be able to report suspicious messages effectively, leading to increased risk of phishing attacks.
- roles: Administrators, Security Analysts
- references: https://learn.microsoft.com/defender-office-365/submissions-report-messages-files-to-microsoft#report-suspicious-email-messages-to-microsoft, https://techcommunity.microsoft.com/blog/microsoftdefenderforoffice365blog/how-your-submissions-to-defender-for-office-365-are-processed-behind-the-scenes/4231551
Alert Generation and Response
Failure to configure the new reporting settings may result in missed alerts and delayed responses to phishing threats, impacting overall security posture.
- roles: Security Analysts, SOC Teams
- references: https://learn.microsoft.com/defender-office-365/air-about, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=406167
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
Date | Property | old | new |
Last updated 1 week ago