Sep 23 2021 02:45 AM
Hi all,
just wondering whether or not the malware detection policy is just a "detection" policy :) with no remediation or mitigation impact on the related findings. In other words, once the policy found suspicious files containing malware within SpO or OfB, it only alerts within mcas, but does nothing more on that file like moving to quarantine or similar.
Am I right?
Thank you
Thomas
Sep 28 2021 11:17 PM
Sep 29 2021 03:32 AM - edited Sep 29 2021 03:33 AM
thank you Anurag.
However, for customers utilizing Defender for Office365, where mcas malware detection policy alerts on malware, but Defender for Office365 does not, a communication between those two solutions could be reasonable in order to quarantine related finding (malicious file) out of mcas malware detection policy with the power of Defender for Office365, couldn't it?