Exchange: New Message Trace in Exchange Online

🚨 The Signal: Exchange Online's Message Trace is updated, offering 90-day historical data, subject search, and new PowerShell cmdlets. This improves visibility into email flow, aiding incident response and compliance investigations.

The Impact

Security teams and Exchange administrators are affected, gaining better tools for email forensics and incident response.

  • Security Teams: Enhanced ability to investigate email-borne threats and data exfiltration attempts.
  • Exchange Administrators: Improved efficiency in troubleshooting mail flow issues and tracking messages.
  • Compliance Officers: Better audit trails for email delivery and retention policies.

The Action

  1. Review existing incident response playbooks to incorporate new Message Trace capabilities.
  2. Familiarise security and Exchange admin teams with the new EAC interface and PowerShell cmdlets (Get-MessageTraceV2, Get-MessageTraceDetailV2).
  3. Update internal documentation for email investigations and compliance reporting.
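
A sketch of how the cmdlets named in step 2 could slot into an investigation playbook, sweeping the 90-day history for a suspicious subject line. This is an added example, not Microsoft's or this page's own code; it assumes an existing Connect-ExchangeOnline session, a 10-day limit on each query's date range, and a constructed sample subject, and `Get-SubjectSweep` is a hypothetical helper name.

```powershell
# Added example: subject sweep across the historical window, one slice at a time.
# Assumes an existing Connect-ExchangeOnline session with message trace permissions.
function Get-SubjectSweep {
    param(
        [Parameter(Mandatory)] [string] $Subject,
        [int] $DaysBack   = 90,    # historical range stated on this page
        [int] $WindowDays = 10,    # assumption: maximum date range per query
        [int] $ResultSize = 5000
    )
    $now   = (Get-Date).ToUniversalTime()
    $start = $now.AddDays(-$DaysBack)
    while ($start -lt $now) {
        $end = $start.AddDays($WindowDays)
        if ($end -gt $now) { $end = $now }
        $rows = @(Get-MessageTraceV2 -StartDate $start -EndDate $end `
                    -Subject $Subject -SubjectFilterType Contains `
                    -ResultSize $ResultSize)
        if ($rows.Count -ge $ResultSize) {
            # A full page means the slice may be truncated; do not treat it as complete.
            Write-Warning "Slice $start to $end reached ResultSize; use a smaller -WindowDays."
        }
        $rows
        $start = $end
    }
}

$hits = Get-SubjectSweep -Subject 'Invoice overdue'   # constructed sample subject

# Scope the incident: how many copies, and what happened to them
$hits | Group-Object Status | Select-Object Name, Count
$hits | Sort-Object Received |
    Select-Object Received, SenderAddress, RecipientAddress, Status, MessageTraceId

# Per-recipient event history for copies that reached a mailbox.
# The date bounds are an assumption that older messages need an explicit range.
$hits | Where-Object Status -eq 'Delivered' | ForEach-Object {
    Get-MessageTraceDetailV2 -MessageTraceId $_.MessageTraceId `
        -RecipientAddress $_.RecipientAddress `
        -StartDate $_.Received.AddDays(-1) -EndDate $_.Received.AddDays(1)
} | Select-Object Date, Event, Action, Detail
```

Adjacent slices share a boundary timestamp, so deduplicate on MessageTraceId plus RecipientAddress before counting if exact totals matter.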

Domain: Exchange · Impact: medium · Workload: Exchange Online