Forum Discussion
Automate Email reported by user as malware or phish
Hi there, We see a high volume of user reported emails as Spam/Business Marketing emails, and we are looking for a way to reduce analysts time spent investigating reports classified as found with...
Agreed that it would be nice if the Defender for Office API offered the possibility to trigger an AIR investigation based on a Network Message ID parameter. This would be infinitely useful in Sentinel Playbooks as an extension of Analytics Rules that detect suspicious email delivery.