Retirement of Legacy Microsoft Defender Online Alerts
Microsoft 365 Defender is set to retire a number of default alert policies due to customer feedback and issues with false positives. These legacy alerts have served their purpose and will no longer be available in the Default Alert policies in the Microsoft 365 Defender portal or the Microsoft 365 Purview compliance portal starting from mid-November. The retirement of these policies will not affect alerts that have already been generated from these alerts policies. Customers can recreate these retired alert policies as custom alert policies while ensuring to review their existing policies. Literal replacements of the retired policies can be made using Anomaly or Threshold to build custom alerts. In cases where specific users, groups, activities need to fire with entity information, scoped single event alerts will be the better option.
Message ID: MC447684
The post Retirement of Legacy Microsoft Defender Online Alerts appeared first on M365 Admin.
Published on:
Learn moreRelated posts
“Investigation priority score increase” Policy to be retired
The "Investigation priority score increase" policy in Microsoft Defender for Cloud Apps will be retired between June and July 2024 due to high...
Cloud Discovery anomaly detection policy to be retired
Microsoft has announced that the "Cloud Discovery anomaly detection" policy in Defender for Cloud Apps will be retired due to the high rate of...
Microsoft Purview compliance portal: Data Loss Prevention – Ending the Microsoft Purview legacy alerts ingestion into Microsoft 365 Defender portal
Microsoft is ending the ingestion of legacy alerts from Microsoft Purview into the Microsoft 365 Defender portal in order to make DLP (Data Lo...
Microsoft Purview compliance portal: Ending the Microsoft Purview legacy alerts ingestion into Microsoft 365 Defender portal
In a bid to improve the relevancy of DLP alerts and incidents in the Microsoft 365 Defender portal, Microsoft will no longer flow legacy alert...
Configuration Change – Microsoft Defender for Cloud Apps threat protection policies
Microsoft is making changes to the default threat protection policies for Microsoft Defender for Cloud Apps. These policies will now be disabl...
New Alert for Microsoft 365 Defender Password Spray Detection
Microsoft 365 Defender is rolling out a new alert to detect password spray attacks originating from authentic cloud service providers. The ale...
Microsoft Defender for Cloud Apps: Behaviors
Microsoft 365 Defender Advanced Hunting has introduced a new data type called "Behaviors". This addition will enable the security teams to pri...
Microsoft Defender for Cloud Apps Alert/sms retirement update
Microsoft Defender for Cloud Apps is retiring its Alerts/SMS content messages feature and recommending the use of Microsoft Power Automate ins...
Microsoft Defender for Identity: User activity timeline in Microsoft 365 Defender
Microsoft is set to release a dedicated tab on the user page in Microsoft 365 Defender that will display a user's activity timeline, including...