Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Responding to alerts limitations

Brass Contributor

This is more a suggestion to Microsoft unless I am missing a trick :)


When responding to alerts in Cloud App Security, you don't have the option to mark that you are investigating the alert, only options to dismiss, resolve or adjust policy.

This causes multiple Analysts to investigate the same alert. We need some way of showing that someone is actively investigating the alert, and avoid people thinking the alert is new.. (Similar to options available in Windows Defender ATP alert responses.)

1 Reply

@Christo De Lange 


Thank you for your feedback - this is something we're investigating.