MC962528 – Microsoft Defender for Office 365: Third-party add-in user report can be sent to Microsoft for analysis

Microsoft Exchange Logo

check before: 2025-02-01

Product:

Defender, Defender for Office 365, Exchange, Outlook

Platform:

Online, Web, World tenant

Status:

In development

Change type:

New feature, User impact, Admin impact

Links:

406167

Details:

Summary:
Defender for Office 365 now allows administrators to configure the system to send messages reported by third-party add-ins to Microsoft for analysis. This feature is part of the Microsoft 365 Roadmap ID 406167 and will be available in early February 2025. Configuration steps are provided for users to enable this setting.

Details:
Administrators and security operators who are using third-party report message solutions in Microsoft Outlook to allow their users to report suspicious messages (for example, Knowbe4, Hoxhunt, Cofense, Proofpoint add-ins, and so on) can now configure Defender for Office 365 to automatically send these messages to Microsoft for analysis.
This message is associated with Microsoft 365 Roadmap ID 406167.
[When this will happen:]
General Availability: We will begin rolling out early February 2025 and expect to complete by mid-February 2025.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability

Created:
2024-12-21

updated:
2025-01-15

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

Pictures

XXXXXXX ... free basic plan only

summary for non-techies**

Microsoft Defender for Office 365 will introduce a feature in February 2025 that allows administrators to send messages reported by third-party add-ins directly to Microsoft for analysis, enhancing security by leveraging Microsoft's capabilities and enabling automated investigations for phishing messages in organizations with Defender for Office 365 Plan 2.

Direct effects for Operations**

User Reporting Configuration
If the configuration is not properly set before the change, users may not be able to report suspicious messages effectively, leading to increased risk of phishing attacks.
   - roles: Administrators, Security Analysts
   - references: https://learn.microsoft.com/defender-office-365/submissions-report-messages-files-to-microsoft#report-suspicious-email-messages-to-microsoft, https://techcommunity.microsoft.com/blog/microsoftdefenderforoffice365blog/how-your-submissions-to-defender-for-office-365-are-processed-behind-the-scenes/4231551

Alert Generation and Response
Failure to configure the new reporting settings may result in missed alerts and delayed responses to phishing threats, impacting overall security posture.
   - roles: Security Analysts, SOC Teams
   - references: https://learn.microsoft.com/defender-office-365/air-about, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=406167

Configutation Options**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only

** AI generated content. This information must be reviewed before use.

a free basic plan is required to see more details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.



change history

DatePropertyoldnew

Last updated 1 week ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!