Some significant security updates are coming to Microsoft Defender for Office 365 this month after Microsoft added remediation enhancements to its Microsoft 365 roadmap. The releases, which are currently in development, will help security teams to mitigate threats and address suspicious emails.
The first update is termed, “additional remediation actions,” and will contain further actions for businesses to counter security threats. Initially, this will only involve new actions applicable to malicious emails, but eventually will be expanded to other entities.
The second release concerns “remediation enhancements” and will similarly provide security benefits, giving IT teams more options to search for, review and deal with potential threats before they cause serious damage to an organization’s IT infrastructure.
”We are retiring the ability to delete attachments as a response action,” the Microsoft 365 roadmap explains. “We’re also increasing the export limit of records from mail submissions or action log in the action center to 100,000. We’re adding two new columns to the action log details view within the action center. The first is a column for network message ID, allowing security teams to review based on network message ID. The second is a column for ‘Already in Destination’. Previously, all records submitted for remediation were remediated based on their original delivery location.”
Microsoft also provided further information regarding how the company is already helping businesses to remediate malicious emails delivered in Office 365. For example, administrators that have had a “search and purge” role assigned to them are able to take action against suspicious emails manually by searching in Threat Explorer.
Conversely, organizations can decide to automated remediation by recommending certain actions once particular security triggers have been activated.