cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

mcas - malware detection policy

ThomasHoehner
Copper Contributor

‎Sep 23 2021 02:45 AM

‎Sep 23 2021 02:45 AM

mcas - malware detection policy

Hi all,

just wondering whether or not the malware detection policy is just a "detection" policy :) with no remediation or mitigation impact on the related findings. In other words, once the policy found suspicious files containing malware within SpO or OfB, it only alerts within mcas, but does nothing more on that file like moving to quarantine or similar.

Am I right?

Thank you

Thomas 

2,283 Views
0 Likes
2 Replies
Reply
2 Replies
AnuragSrivastava

‎Sep 28 2021 11:17 PM

‎Sep 28 2021 11:17 PM

Re: mcas - malware detection policy

@ThomasHoehner
Yes you are right, it is a detection policy where you can identify malicious files in your cloud storage with no remediation being performed.

However you can use this detection in real time using session policies to control file uploads and downloads.
1 Like
Reply
ThomasHoehner

‎Sep 29 2021 03:32 AM - edited ‎Sep 29 2021 03:33 AM

‎Sep 29 2021 03:32 AM - edited ‎Sep 29 2021 03:33 AM

Re: mcas - malware detection policy

thank you Anurag.
However, for customers utilizing Defender for Office365, where mcas malware detection policy alerts on malware, but Defender for Office365 does not, a communication between those two solutions could be reasonable in order to quarantine related finding (malicious file) out of mcas malware detection policy with the power of Defender for Office365, couldn't it?

ThomasHoehner_0-1632911615699.png

 

0 Likes
Reply