Microsoft 365 Defender now alerts on incidents or updates through email notifications
Microsoft 365 Defender has added support for security incident email notifications in its threat protection solution.
The Microsoft 365 Defender suite helps security teams protect devices, identity data and applications in the enterprise environment.
Microsoft says in a post today that Microsoft 365 Defender now includes a setting to alert the admin via email about new security incidents or updates to existing ones.
The company explains, “The email notification contains important details about the incident like the incident name, severity, and categories, among others. You can also directly go to incidents so you can start your investigation right away.”
Once the setting is enabled, the admin can track all new incidents and any subsequent updates without using API integrations. An incident can be opened and investigated straight from the email notification.
You can configure the email notifications based on incident severity or by device group. You can also set the email notifications to be delivered only on the first incident, and add or remove recipients. To configure the email notifications, the admin requires Manage Security permissions.
Microsoft says, “Likewise, if your organization is using role-based access control (RBAC), you can only create, edit, delete, and receive notifications based on device groups that you are allowed to manage. It can be a big help in transitioning your security operations processes and leveraging the great efficiency improvements provided through the incident’s alert correlation capabilities.”