Microsoft's security systems on Windows 10 are getting a tidy little upgrade


Microsoft Defender for Office 365 is getting some serious upgrades after the company revealed a number of remediation enhancements to its Microsoft 365 roadmap. The releases, which are currently in development, will help security teams to mitigate threats and address suspicious emails.

The first update is termed “additional remediation actions” and will contain further actions for businesses to counter security threats. Initially, this will only involve new actions applicable to malicious emails, but it will eventually be expanded to other entities.

The second release concerns “remediation enhancements” and will similarly provide security benefits, giving IT teams more options to search for, review and deal with potential threats before they cause serious damage to an organization’s IT infrastructure.

Threat mitigation

“We are retiring the ability to delete attachments as a response action,” the Microsoft 365 roadmap explains. “We're also increasing the export limit of records from mail submissions or action log in the action center to 100,000. We're adding two new columns to the action log details view within the action center. The first is a column for network message ID, allowing security teams to review based on network message ID. The second is a column for ‘Already in Destination’. Previously, all records submitted for remediation were remediated based on their original delivery location.”

Microsoft also provided further information regarding how the company is already helping businesses to remediate malicious emails delivered in Office 365. For example, administrators that have had a “search and purge” role assigned to them are able to take action against suspicious emails manually by searching in Threat Explorer.

Conversely, organizations can decide to automate remediation by recommending certain actions once particular security triggers have been activated.

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.