Boost your detection and response workflows with alert tuning
Published May 22 2023 08:10 AM

As cyber threats become more sophisticated and frequent, organizations need to be vigilant in monitoring their digital assets for potential security breaches.


Microsoft 365 Defender is an XDR platform that delivers a unified investigation and response experience and provides native protection across endpoints, hybrid identities, email, collaboration tools, and cloud applications with centralized visibility, powerful analytics, and automatic attack disruption.


Today we are excited to introduce alert tuning in Microsoft 365 Defender to help security teams detect and respond to potential security threats even more effectively.


Alert tuning enhances how organizations monitor alerts and incidents. It enables analysts to set specific criteria to resolve alerts automatically using different attributes such as user, device, file, or app for all Microsoft 365 Defender sources. This feature makes it easier to calibrate alerts and keep the list of active incidents focused on the most relevant and critical issues.


Figure 1: New alert tuning experience in Microsoft 365 Defender


Alert tuning is designed to help security teams streamline their incident response process by automating the resolution of common and repetitive alerts. This will allow analysts to focus on the most critical issues, rather than getting bogged down in routine tasks, while also helping organizations respond to potential threats faster.


In addition, it will help enhance the overall accuracy of alert notifications by letting security teams set specific criteria for alerts that are relevant to their environment. This will help reduce the number of false positives and further limit noise, so that analysts investigate and focus on prevalent security incidents instead.


The new alert tuning feature in Microsoft 365 Defender helps organizations better protect their digital estate against cyber threats by streamlining the incident response process and reducing false positives even further.

Start exploring this new feature today and find out how it can enhance your organization's detection and response process.






Last update: May 22 2023 08:05 AM