Forum Widgets
Latest Discussions
Little warning on the new Purview suite for M365BP
Microsoft introduced a highly needed and expected compliance suite add-on for Microsoft 365 Business Premium. Microsoft Purview Suite for Business Premium: $10/user/month Microsoft 365 BP are unable to add Microsoft 365 E5 Compliance suite $12/user/month and forced to move to M365E3 to be able to add this product. So as a Microsoft partner I was delighted to see that Microsoft introduced this new product and made it possible to give SMB customers the tools they need to comply with all kinds of regulations. BUT: What a disappointment it is, this new product. It is a lame strip down version of the E5 Compliance suite and missing essential functionality that regulated SMB customers badly need. What the was going on in de mind of the product manager who is responsible for this product. Besides missing crucial functionality like Compliance Manager, Compliance Portal and Privilege Access Management it also misses in product features. Some examples: Data Loss Prevention: Great for protection your sensitive information leaking out of your organisation, but with a little more investigation, I found out that Administrative Units is not supported Information Protection: Automatic Labels is not supported Insider Risk management: No Adaptive Protection Compliance Manager: No Policies, No Alerts DSPM for AI: No Policies So, Microsoft come on, you can do better than this and embrace SMB’s more seriously and make E5 compliance available like you did with E5 security for M365BP users and stop with this lame and incomplete product. My recommendation to M365BP customers who need Compliance add-on, don’t buy this new suite, unless you don’t need the above functionality.HanssieHSep 12, 2025Brass Contributor64Views0likes0CommentsHow to practice SC-200 content on an empty tenant
Hello, I am following the SC 200 course on Microsoft Learn. It is great and everything but my m365 business tenant is empty. I don't have VMs, logs, user activity or anything. I learned some KQL and microsoft provides some datasets for practice. Are there any such data I can load on my tenant for threat hunting and other SC-200 related practices or is there an isolated simulation environment I can use for learning?BatuhaanSep 09, 2025Copper Contributor44Views0likes1Comment- emilyfallaSep 08, 2025Microsoft71Views0likes0Comments
Defender email audit - sensitive info in subject line
We are doing security auditing of emails. I'm familiar with the Defender portal, not too in-depth though (have not had time to play around) and not so with Sentinel or KQL yet. In the course of my audits, I have been finding people may encrypt emails but still have sensitive information in the subject line. Common understanding that internal emails would not leave the org so encryption is not mandatory (though I have disagreement on that). So auditing emails going external. In M365 Defender >> Email & Collaboration >> Explorer section, I did a search: keyword: "SSN" sender domain: equals my org recipient domain: equals non of my org What are some sensitive information keywords or phrases in the subject line searches in M365 Defender (security.microsoft.com)? So far I have compiled this list to (sucks M365 Defender does not allow searching with wildcards or patterns): SSN social security TIN DOB account acct passport license DLSolvedHathMHSep 08, 2025Copper Contributor54Views0likes1CommentShare your experience with Microsoft Security Products on Gartner Peer Insights
At Microsoft, we believe the most valuable insights come from those who use our products every day. Your feedback helps other organizations make informed decisions and guides us in delivering solutions that truly meet your needs. We invite you to share your experiences with Microsoft Security products on Gartner Peer Insights. By leaving a review, you’ll help your peers confidently choose the right solutions and contribute to the ongoing improvement of our products and services. Why your review matters Empower others Your honest feedback helps fellow decision-makers understand how Microsoft Security products perform in real-world scenarios. Build community Sharing your experience fosters a community of practitioners who learn from each other’s successes and challenges. Drive innovation Your insights directly influence future product enhancements and features. How to participate Click on the Microsoft Security Product You would be prompted to log in or sign in to the site. Select the Microsoft Security product you know well. Share your experience, highlighting the features and outcomes that mattered most to you. It would take a few minutes to complete the survey. Rules and Guidelines Only Microsoft customers are eligible to submit reviews; partners and MVPs are not. Please refer to the Microsoft Privacy Statement and Gartner’s Community Guidelines and Gartner Peer Insights Review Guide for more information.Trevor_RusherAug 28, 2025Community Manager67Views0likes0CommentsQuarantine emails marked as High Confidence Phish are being system released
I have a group of about 20 emails that were in quarantine, and within moments they were released by 'System release' There are multiple different domains being released, and all of them have a High Confidence Phish level. Since it is a system release, I cannot submit anything to Microsoft other than it appears clean. Is anyone else experiencing this?seckogurudiAug 22, 2025Copper Contributor188Views0likes2CommentsWant to earn an Exclusive Security Tech Community Badge? Take our quick survey!
Hey there Security Tech Community! As we prepare for Microsoft Ignite, we’re building a focused, practitioner-led security roundtable and we want your input to ensure it reflects the most relevant and pressing topics in the field. We invite you to take a short survey and share the security topics, trends, and technical questions you want to see covered. Your input will directly influence the structure and substance of the Ignite Security Roundtable. The first 5 people to post a screenshot for proof of survey completion in the comments below will receive this "Microsoft Security Star" Badge to add to their Tech Community profile! TAKE THE SURVEY NOW: https://aka.ms/IgniteSecurityRoundtableSurvey2025SolvedTrevorRusherAug 15, 2025Community Manager198Views3likes6CommentsAnonymous IP address involving one user
Hello, I get security messages from M365 Defender: Sign-in from an anonymous IP address (e.g. Tor browser, anonymizer VPNs) one service user (only SMTP Auth user) is attacking by one ip address and its allways the same IPV4 address from outside. It is possible to block this ip address? I've tried with conditional access, Connection filter policy (Default) under antispam policy, but nothing helps. I've set my own public ip in conditional access and connection filter policy and try if i can use this smtp account to send mails from 3rd party tools and still works. I have no idea how can i block/reject incoming inquire from public ip adresses. Somebody can help? PeterSolvedGodCordialAug 13, 2025Copper Contributor134Views0likes2CommentsMicrosoft Defender Value Report does not have data
Hi, I was to report for the Month end of July 2025. I usually source data from the Monthly Security Report from the Microsoft Defender Reports. But since Aug 1 this has been the result. Any insight on this? I already have made changes to the monthly report, but this helps us greatly since this is a one stop shop for data we use. Thanks in advance.Jun_TiburcioAug 04, 2025Copper Contributor53Views1like1CommentGetting Contextual Summary from SIT(Sensitive info types) via PowerShell cmd
Hi, I am using a PowerShell command(Export-ContentExplorerData) to extract data from an SIT. In the response, I am getting most of the data but I am interested in getting the matching primary element from Contextual summary(Content explorer) https://learn.microsoft.com/en-us/powershell/module/exchange/export-contentexplorerdatamrityunjay6492Jul 21, 2025Copper Contributor83Views1like0Comments
Resources
Tags
- cloud security982 Topics
- security764 Topics
- microsoft information protection517 Topics
- azure497 Topics
- information protection and governance483 Topics
- microsoft 365416 Topics
- microsoft sentinel337 Topics
- azure active directory240 Topics
- data loss prevention212 Topics
- microsoft 365 defender166 Topics