Microsoft Defender for Office 365: Full Submissions experience in GCC

🚨 The Signal: Microsoft Defender for Office 365 in GCC now offers full admin and user submission capabilities for suspicious emails and content, matching commercial cloud features. This enhances threat intelligence and response for GCC environments.

The Impact

Security teams and end-users in GCC are affected, gaining improved capabilities for reporting and analysing potential threats, reducing phishing and malware risk.

• Security Teams: Enhanced threat visibility and faster incident response.
• End-Users: Simplified process for reporting suspicious emails and content.
• GCC Environments: Improved security posture against email-borne threats.

The Action

1. Review existing user submission policies in Microsoft Defender portal: https://security.microsoft.com/tenantAllowBlockList
2. Communicate new submission methods to end-users and security operations centre (SOC) staff.
3. Verify submission settings for 'User reported settings' under 'Email & collaboration' > 'Policies & rules' > 'Threat policies' > 'User submissions'.
4. Train users on how to use the integrated 'Report message' or 'Report phishing' add-ins for Outlook.

Domain: Defender · Impact: medium · Workload: Microsoft Defender