Forum Discussion
Admin submissions portal in Microsoft Defender for Office 365 GCC
I'm having a hard time understanding why Microsoft doesn't rescan emails submitted through the Admin Submissions page in the Microsoft 365 Security portal. I also don't understand why URL and File submissions are disabled for Administrators.
Why should a tenant admin need to open a support ticket to submit a phishing/malicious email in order for Microsoft to actually review it? How does this protect tenants from phishing emails that specifically target US/State/Local employees?
Accounts assigned Security/Organization/Global admin roles should be able to submit emails, urls, and files to Microsoft directly through the Admin submissions page. Microsoft should acknowledge when a privileged account is submitting a missed malware/phishing/spam email, rescan the submission and use the submission to improve threat intelligence filters.
Why should a tenant admin need to open a support ticket to submit a phishing/malicious email in order for Microsoft to actually review it? How does this protect tenants from phishing emails that specifically target US/State/Local employees?
Accounts assigned Security/Organization/Global admin roles should be able to submit emails, urls, and files to Microsoft directly through the Admin submissions page. Microsoft should acknowledge when a privileged account is submitting a missed malware/phishing/spam email, rescan the submission and use the submission to improve threat intelligence filters.
No RepliesBe the first to reply