68886: Microsoft Defender for Identity: Administrative functions in Microsoft 365 security center

As part of the ongoing work to improve the experience of Security Operations professionals and consolidate the functionality of multiple portals into a single space that SecOps can interact with their threat and incident data, Defender for Identity’s administrative functions will be available to view and edit within the Microsoft 365 security center. In this …

82097: Microsoft Defender for Office 365: Quarantine integration for user and admin submissions

With this change we’re giving admins the ability to allow senders for a specified period of time, right from the quarantine workflow. When releasing emails to end users, admins can now opt to remember this decision by creating an entry in the tenant allow/block list that corresponds to the indicator of compromise aligned with the …