Microsoft Defender for Office 365: Third-party add-in user report can be sent to Microsoft for analysis [MC962528]

Message ID: MC962528

Administrators and security operators who use third-party report message solutions in Microsoft Outlook to let their users report suspicious messages (for example, KnowBe4, Hoxhunt, Cofense, Proofpoint add-ins, and so on) can now configure Defender for Office 365 to automatically send these messages to Microsoft for analysis.

This message is associated with Microsoft 365 Roadmap ID 406167.

[When this will happen:]

General Availability: We will begin rolling out early February 2025 and expect to complete by mid-February 2025.

[How this will affect your organization:]

You must configure this setting if you want the benefit of sending third-party reported messages to Microsoft.

To enable this setting:

  1. Go to User reported settings in the Microsoft Defender portal, select Monitor reported messages in Outlook, and then select Use a non-Microsoft add-in button.
  2. In the Reported message destination section, select Microsoft and my reporting mailbox, and then provide the email address of the internal Exchange Online mailbox to which the third-party add-in routes user-reported messages. If the third-party vendor follows the guidance for message submissions format, Defender for Office 365 will submit these messages automatically to Microsoft for analysis.
  3. The result from Microsoft after analysis is shown on the User reported page in the Defender portal.

For more details about how Microsoft handles user-reported suspicious messages, see Report suspicious email messages to Microsoft.

Alerts are automatically generated for user-reported messages in Defender for Office 365. If you have Defender for Office 365 Plan 2, Automated investigation and response (AIR) is also automatically triggered for user-reported phishing messages. Both alerts and their investigations are automatically correlated to Defender XDR Incidents, which helps SOC teams with automation to triage, investigate, and respond. Submitting these messages to Microsoft for analysis returns the result of that analysis to security analysts and also helps improve Defender for Office 365 filters.

[What you need to do to prepare:]

If your user reporting settings are already set to Use a non-Microsoft add-in button and Microsoft and my reporting mailbox, you don’t need to do anything to benefit from this change. However, if the destination is My reporting mailbox only, you need to change the destination to Microsoft and my reporting mailbox to benefit from this change. 

Source: Microsoft

1 Comment

  1. Mike Rosoft

    The recent update regarding Microsoft Defender for Office 365’s integration with third-party add-ins is certainly a game changer for both administrators and users. By enabling automatic submissions of reported messages to Microsoft for analysis, we can expect a more streamlined and effective approach to handling suspicious emails.

    For admins, this means less time spent on sifting through user reports manually and more focus on strategic security initiatives. The configuration process is straightforward, allowing for an easy transition to this enhanced system. Plus, the automated alerts and investigations will surely lighten the load for Security Operations Center (SOC) teams, providing them with the tools needed to triage and respond more efficiently.

    On the user side, this update empowers them to take an active role in security. With just a few clicks, they can report suspicious messages, knowing that their concerns are being sent directly to Microsoft for further analysis. This not only enhances user engagement but also fosters a culture of vigilance within the organization.

    As for the impact of these changes, it’s likely to be quite significant. By improving the speed and accuracy of threat detection, organizations can bolster their defenses against phishing attacks and other malicious activities. And let’s face it, who doesn’t want to feel like a superhero in the fight against cybercrime?

    We’d love to hear your thoughts on this update! How do you think it will change your organization’s approach to email security? Feel free to share your comments below, and don’t forget to check out more insightful posts at mwpro.co.uk. Let’s keep the conversation going!
