Microsoft is working on a new update for Microsoft Defender for Office 365 that will provide organizations with additional security against embedded threats in emails.
According to a new post on the Microsoft 365 Roadmap, the software giant plans to change the way in which users preview quarantined messages so that some components in these emails will be distorted and not displayed by default. However, users can still choose to reveal the full message if they want.
As email remains the number one attack vector used by cybercriminals, Microsoft is committed to making it easy to identify false positives across individual mailboxes as well as shared mailboxes, keeping users secure as they interact with these emails and ensuring security teams can efficiently review and act on quarantined messages.
The company plans to roll out new quarantine management features that will help SecOps teams and end users when triaging emails including quarantine folder policy and user release request workflow, customer organization branding, streamlined email submission from the quarantine portal, robust release of bulk quarantined emails and quarantine support for shared mailboxes.
Quarantine portal and email detail panel
In a separate blog post, Microsoft revealed that it plans to revamp the design of the quarantine portal to provide a better user experience when triaging false positive emails.
While the quarantine portal is getting a new look and feel, the update is more than a cosmetic change as the company has designed the new experience to help security teams surface additional data in a way that is more useful and simpler. The new user experience adds more filters, a revamped flyout menu and better filter visibility.
Earlier this year Microsoft launched its email entity page to give SecOps a 360-degree view of an email so that analysts can have all of the relevant details right at their fingerprints. Now though, it plans on replacing the email details panel with a new panel that provides the same in-depth view of each email in quarantine to provide SecOps teams with more confidence when making decisions.
Microsoft is also working on several enhancements such as an hourly frequency for end user spam notifications, large scale bulk release so that SecOps can release more than 100 emails at a time and enhanced search functionality which will be rolling out to Microsoft Defender for Office 365 in the coming months.