A new Microsoft 365 Defender feature now lets you receive notification emails directly to your mailbox for each new incident or incident update, this will help you to stay on top of the incident queue.
Get notifications based on incident severity or by device group. You can also choose to only be notified on the first update for each incident.
The notification email contains important details like the incident name, severity, and category.
This notification email enables you to review your incidents effectively, without requiring any trouble ticketing system or API integrations. It can be a big help in transitioning your security operations processes and leveraging the great efficiency improvements provided through the incident's alert correlation capabilities
Once you get the notification, you can go directly to the incident and start your investigation right away. For more information on investigating incidents, see Investigate incidents in Microsoft 365 Defender.
If you are looking for more information on how to set up incident email notification in Microsoft 365 Defender, see the full instructions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.