What Are the Updated Hunting and Investigation Experiences for Microsoft Defender for Office 365?

As organizations increasingly adopt the hybrid working model, cyber security is a growing challenge to smooth operations. Organizations increasingly rely on customized security solutions designed for their IT environments to ensure that they function effectively and efficiently. Office 365 is one of the most versatile productivity suites with powerful security tools. Microsoft Defender for Office 365 is a comprehensive cloud-based email filtering service designed to protect organizations from phishing, business email compromise, and malware attacks delivered through email and other collaboration tools. In this article, we will focus on the updated hunting and investigation experiences in Microsoft Defender for Office 365.

What Does the Updated Microsoft Defender for Office 365 Include?

Microsoft Defender for Office 365 includes advanced tools to proactively hunt for known and potential threats. Here are some of the improvements in the investigation and response capabilities in Office 365.

  • Improved navigation using the email entity page

    The email entity page provides a single, integrated, 360-degree view of an email using a summary panel that provides standardized details such as detections, along with context-specific information such as Quarantine or Submissions metadata in a condensed view. This is a replacement for the flyout that was a part of Threat Explorer, Submissions, and Reporting. Initially, the summary panel replaces the flyout in Explorer, Real-time detections, Advanced Hunting, Threat Protection Status report, Submissions, and Quarantine, and will eventually replace it in Unified Investigations, Alerts, and other experiences.

  • Improved guided hunting experience

    The guided hunting experience in Threat Explorer and Real-time detections has been improved. Significant improvements have been made to workflows, and the experience has been upgraded to align with modern accessibility standards. Users can toggle between the old and new experiences, but features such as filtering, export, and saving queries remain the same.

  • Changed default view

    The all-email view has been made the default view in Threat Explorer. The default time range has been reduced to 2 days, instead of the current 7 days. However, the search period can still be extended to a maximum of 30 days. Users can tab across views to switch to the Phish or Malware view. The new email summary panel, when available, can be accessed by clicking on Subject in the grid or the icon. It is also possible to toggle between the Grid View and List View and export chats and grid data with a single click. Entities such as Email, URL, and IP are now available in a new, single tab-based view. The different sections can be expanded and collapsed based on the data to be viewed.

Apps4Rent Can Help with Microsoft Defender for Office 365

Microsoft Defender for Office 365 includes several cutting-edge security capabilities, such as safe attachments and safe links, in addition to real-time detection and automated threat hunting. As Microsoft continues to add features and capabilities to Microsoft Defender, the security suite continues to be one of the most reliable solutions against complex threats.

As a Microsoft Gold Partner for Cloud Platform and Cloud Productivity, Apps4Rent can help with Office 365/Microsoft 365 plans and customize the security capabilities in the suite. Call, chat, or email our certified security admins available 24/7 for assistance.
