Blog Post

Microsoft Defender XDR Blog
1 MIN READ

Easily find anomalies in incidents and alerts

Idan_Pelleg's avatar
Idan_Pelleg
Icon for Microsoft rankMicrosoft
May 10, 2021

Microsoft 365 security Home page and Incidents page now include a trend graph of all the incidents and alerts over the last 24 hours.

This enables you to easily find spikes in your environment and tell if there anything abnormal happening.

 

 

The new incidents trend graph view will also allow you to determine if there are several alerts for a single incident or that your organization is under attack with several different incidents.

 

For example, a will usually generate a lot of alerts in your organization and all of them will be related to the same incident. Seeing that there are hundreds of alerts over time related to the same incident can help you understand that there is an emerging attack that is growing so that you can prioritize your incident response.

 

For more information on investigating incidents, see Investigate incidents in Microsoft 365 Defender.

 

Updated May 09, 2021
Version 1.0
  • Stefan Schörling's avatar
    Stefan Schörling
    MVP
    May 13, 2021

    Awesome, would in addition to this love the graph to reflect based on the filters I apply on the Incident view. 

  • t-petersen's avatar
    t-petersen
    Copper Contributor
    Dec 28, 2023

    I'd like to point out a few missing words in this post.
    Above the image: "tell if there is anything abnormal happening."
    Below the image: "For example, a blank will usually generate a lot of alerts in your organization"