-description: "How to add a new employee or user to your organization's network and internal systems. When a new employee joins your company, you must securely add them to the network."

-# Add a new employee in Microsoft 365 Business Premium

-The following information tells you how to use Microsoft 365 Business Premium to add a new employee to the organization.

-

- **Not an admin?** [Learn your way around Microsoft 365](https://support.microsoft.com/office/396b8d9e-e118-42d0-8a0d-87d1f2f055fb) helps business and home users with set up.

-

- **No Microsoft 365 Apps in your plan?** Follow the steps below, but skip the sections for installing apps. Use the [Online versions of Office](https://support.microsoft.com/office/91a4ec74-67fe-4a84-a268-f6bdf3da1804) instead.

-## How to add a new user

-1. Go to admin.microsoft.com

-2. Click **Add a user**.

-3. Enter the basic information and the *personal* email address of the new employee.

- When you set up your new employee in the Admin center, make sure to enter and send log-in details to the employee's personal account. This way, they'll receive an email from the Microsoft Online Service Team that tells them how to log in to Microsoft 365 Business Premium. If you don't send it to their personal email address, instead, print out the employee's sign in name and password, and give it to them in person. Or, tell them the information over the phone.

-

-4. Have the new user sign in to use Microsoft 365 Business Premium. Give them the following sign in information:

-

- - Sign in at [https://www.office.com](https://www.office.com).

- - Select **Sign in**, then type the user ID and password.

-

-And here's a quick reference to help them get started:

-

-|**Task**|**Find the details**|

-|:--|:--|

-|Sign in to Office <br/> |Go to [https://www.office.com](https://www.office.com), select **Sign in**, and then enter your user ID and password. <br/> |

-|Install Microsoft 365 Apps onto your computer. <br/><br/> |When you sign in, the home page has a link to download and install apps like Word and Outlook. Select **Install Office**. For instructions, see [How to install Office](https://support.microsoft.com/office/4414eaaf-0478-48be-9c42-23adc4716658). <br/> |

-|Set up your email in Outlook 2016 . <br/> |Once Microsoft 365 Apps are installed on your computer, set up your email. For instructions, see [How to set up Outlook](https://support.microsoft.com/office/6e27792a-9267-4aa4-8bb6-c84ef146101b). <br/> |

-|Set up Skype for Business so you can connect with co-workers or business partners in your company or around the world. You can start conversations with IM, voice, or video calls. <br/> |[Install Skype for Business on your computer](https://support.microsoft.com/office/8a0d4da8-9d58-44f9-9759-5c8f340cb3fb). <br/> <br/>To learn how to use Skype for Business, [watch a video.](https://support.microsoft.com/office/3a21eca4-434d-41f1-ab06-3d4a268573b7) <br/> <br/>Have you set up Skype for Business so your employees can contact people external to your business who are using the free Skype app? If not, tell your new employee so they know what to expect when using Skype for Business. <br/> |

-|Install apps on your mobile device if you want to get email or use Skype for Business on your phone. <br/> |If you want to set up the Outlook mobile app so you can get email via your phone. For instructions, see [iOS](https://support.microsoft.com/office/b2de2161-cc1d-49ef-9ef9-81acd1c8e234), [Android](https://support.microsoft.com/office/886db551-8dfa-4fd5-b835-f8e532091872), [Windows Phone](https://support.microsoft.com/office/181a112a-be92-49ca-ade5-399264b3d417) <br/> <br/>If you want to use Skype for Business on your mobile device, download and install the mobile app. For instructions, see [iOS](https://support.microsoft.com/office/3239c8a3-cf55-4ff0-a967-5de51911c049#OS_Type=iOS), [Android](https://support.microsoft.com/office/4d1b7dfa-5b0b-4868-bae5-25947fb99e6e#OS_Type=Android), [Windows Phone](https://support.microsoft.com/office/4d1b7dfa-5b0b-4868-bae5-25947fb99e6e#OS_Type=Windows_Phone) <br/> |

-|Complete the OneDrive for Business training to help you learn how to store and organize your documents, presentations, and spreadsheets in the cloud. <br/> |Keep your business-related documents in the cloud by using OneDrive for Business. You can always get to your content, even if you're signed in to Microsoft 365 on a different computer. [Watch a video to learn how to use your OneDrive for Business](https://support.microsoft.com/office/b30da4eb-ddd2-44b6-943b-e6fbfc6b8dde) <br/><br/> **Training:** [OneDrive for Business training](https://support.microsoft.com/office/1f608184-b7e6-43ca-8753-2ff679203132) (Select OneDrive for Business). <br/> |

-|Complete the SharePoint Online training to help you collaborate with coworkers and share content. <br/> |The best place to keep documents that your coworkers will also access is in SharePoint Online. <br/> <br/>**Training:** [Video: Collaborate with team content using SharePoint Online](https://support.microsoft.com/office/c17b6824-cc22-478f-8757-497cc6b57121) <br/><br/> **Find out:** How is your organization using SharePoint Online, and what type of documents get stored there. Also, which documents are stored in OneDrive for Business. <br/> |

-## See also

-[Best practices for securing Microsoft 365 for business plans](secure-your-business-data.md)

-As you know, security incident management is important. As threats are detected, those threats must be reviewed and addressed. Your business also needs a maintenance and operations plan.

-The missions you completed during the setup and configuration process were all about getting your systems, users, and data secured. Now, you'll need to perform certain tasks, such as adding or removing users, resetting passwords, and resetting devices to factory settings as needed. These kinds of tasks are what maintaining your environment is all about.

-For more information, see the following articles:

-## [**BYOD**](#tab/BYOD)

-To protect unmanaged (BYOD) devices, your organization's IT or security team can:

-description: "Discover how to use Microsoft 365 for business to remove company data that your users have on their devices or Windows PCs."

-# Remove company data from devices

-## Remove company data

-You can use Microsoft 365 for business to remove company data that your users have on their [devices](m365bp-app-protection-settings-for-android-and-ios.md) or [Windows PCs](m365bp-protection-settings-for-windows-10-devices.md) that are protected by Microsoft 365. **If you remove company data from a device, you cannot restore it later**.

-

-1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=837890" target="_blank">https://admin.microsoft.com</a>.

-

-2. On the left nav, choose **Devices** \> **Manage**.

-

-3. On the **Manage** page, choose or search for a user who's data you want to remove, and choose the name.

-

-4. On the next pane, select the device or devices from the **Devices** list. On the device pane that opens, you can choose to reset the device to factory settings or remove company data, depending on the device type.

-

- 

-

-5. On the confirmation pane, choose **Confirm** \> **Close**.

-

-## See also

-[Best practices for securing Microsoft 365 for business plans](secure-your-business-data.md)

-description: "Learn how to use Microsoft 365 Business Premium to factory reset Windows devices you manage, reverting them to their original settings at purchase."

-# Reset Windows devices to factory settings

-A factory reset reverts a device to the original settings it had when the device was purchased. All apps and data on the device that were installed after purchase are removed. You can use Microsoft 365 for business to factory reset Windows 10 devices you manage.

-

-1. Go to the admin center at <a href="https://go.microsoft.com/fwlink/p/?linkid=837890" target="_blank">https://admin.microsoft.com</a>.

-

-2. In the left nav, choose **Devices** \> **Manage**.

-3. On the **Manage** page, check the checkbox next to the device you want to remove data from and then, in the **Manage** drop-down choose **Factory reset**.

-

-4. On the **Are you sure you want to factory reset the devices below** pane, choose **Confirm** \> **Close**.

-

-

-## See also

-[Best practices for securing Microsoft 365 for business plans](secure-your-business-data.md)

-description: "Reset passwords for users in Microsoft 365 Business Premium."

-# Reset passwords in Microsoft 365 Business Premium

-Learn how to reset passwords for yourself and your users when needed. As an admin, you can reset a user's password if they forget it.

-## User-initiated password reset

-When a user requests a new password, a password reset request is sent through email.

-1. To reset the password, open the app launcher and select **Admin** and log in with your credentials.

-2. In the Microsoft 365 admin center, select **Users**, <a href="https://go.microsoft.com/fwlink/p/?linkid=834822" target="_blank">**Active users**</a>, and then select the key icon next to the user who requested the reset.

-3. Select **Auto-generate password** to have a random password automatically created.

-4. Select **Reset**.

-## Admin-initiated password reset

-There are times when an admin may want to force password resets on accounts.

-1. In the Admin center, go to the **Users** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=834822" target="_blank">Active users</a> page.

-2. On the **Active users** page, select the specific user to reset, and then select **Reset password**.

-3. Follow the instructions on the **Reset password** page to auto-generate a new password for the user or create one for them, and then select **Reset**.

-4. Enter an email address the user can get to so they receive the new password, and follow up with them to make sure they got it.

-## Let users reset their own passwords

-We strongly recommend that you set up the self-service password reset. This way you don't have to manually reset passwords for your users. To learn how, see [Let users reset their own passwords in Office 365](/admin/add-users/let-users-reset-passwords.md).

-## Reset my admin password

-Use these steps if you forgot your password but you're able to sign in to Microsoft 365 because, for example, your password is saved in your browser:

-1. Select your name (icon) in the upper-right corner > **My Account** > **Personal Info**.

-2. Under **Contact details**, double-check that your **Alternate email** is accurate and that you've provided a mobile phone number. If not, change them now.

-3. Sign out: select your name in the upper-right corner \> **Sign out**.

-4. Now sign in again: type your user name \> **Next** \> and then select **Forgot password**.

-5. Follow the steps in the wizard to reset your password. It uses your alternate contact info to verify you're the right person to reset your password.

-If you forgot your password and can't sign in:

-## Reset all business passwords for everyone at the same time

-<a name="bkmk_forgot"> </a>

-These steps work for a business with tens of users. If you have hundreds or thousands of users, see the next section on resetting passwords in bulk (maximum 40 users at a time).

-

-1. In the admin center, go to the **Users** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=834822" target="_blank">Active users</a> page.

-2. Select the option next to **Display name** to select everyone in your business. Then, unselect yourself. You can't reset your own password at the same time you reset everyone else's password.

-3. Select **Reset password**.

-4. Follow the instructions on the **Reset password** page, and select **Reset**. If you opted for auto-generating the passwords, the new temporary passwords will be displayed.

-5. Enter an email address where you can receive the temporary passwords. You'll need to notify your users what their temporary passwords are.

-

-## Reset business passwords in bulk

-<a name="bkmk_forgot"> </a>

-To reset passwords for multiple accounts, use PowerShell. Check out this post by Eyal Doron: [Managing passwords with PowerShell](https://go.microsoft.com/fwlink/?linkid=853696).

-For overview information, see [Manage Microsoft 365 with PowerShell](../enterprise/manage-microsoft-365-with-microsoft-365-powershell.md).

-

-## Related content

-

-[Let users reset their own passwords](../admin/add-users/let-users-reset-passwords.md)

-[Reset passwords in Microsoft 365 for business](../admin/add-users/reset-passwords.md)

-[Set an individual user's password to never expire](../admin/add-users/set-password-to-never-expire.md)

-[Set the password expiration policy for your organization](../admin/manage/set-password-expiration-policy.md)

-description: "Learn about daily, weekly, monthly, and as needed tasks for your security team to perform."

-# Microsoft 365 Business Premium security operations guide

-If you're new to Microsoft 365 Business Premium, or if your business doesn't have a security operations guide in place yet, use this article as a starting point. If you do already have a security operations guide, review it against the recommendations in this article.

-You can use this guidance to make decisions about security incident priorities and tasks your security team will perform in the Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)).

-## Security operations tasks to perform

-| Task | Description |

-|||

-| **Daily** | *Tasks for your security team to perform on a daily basis.* |

-| Check your threat vulnerability management dashboard | Get a snapshot of threat vulnerability by looking at your vulnerability management dashboard, which reflects how vulnerable your organization is to cybersecurity threats. A high exposure score means your devices are more vulnerable to exploitation. <ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, select **Vulnerability management > Dashboard**.</li><li>Take a look at your **Organization exposure score**. If it's in the acceptable or "High" range, you can move on. If it isn't, select **Improve score** to see more details and security recommendations to improve this score.</li></ol>Being aware of your exposure score helps you to:<ul><li>Quickly understand and identify high-level takeaways about the state of security in your organization</li><li>Detect and respond to areas that require investigation or action to improve the current state</li><li>Communicate with peers and management about the impact of security efforts</li></ul> |

-| Review pending actions in the Action center | As threats are detected, [remediation actions](#remediation-actions-in-microsoft-365-business-premium) come into play. Depending on the particular threat and how your security settings are configured, remediation actions might be taken automatically or only upon approval, which is why these should be monitored regularly. Remediation actions are tracked in the Action center.<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, choose **Action center**.</li><li>Select the **Pending** tab to view and approve (or reject) any pending actions. Such actions can arise from antivirus or antimalware protection, automated investigations, manual response activities, or live response sessions.</li><li>Select the **History** tab to view a list of completed actions.</li></ol> |

-| Review devices with threat detections | When threats are detected on devices, your security team needs to know so that any needed actions, such as isolating a device, can be taken promptly. <ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, choose **Reports > General > Security report**.</li><li>Scroll down to the **Vulnerable devices** row. If threats were detected on devices, you'll see that information in this row.</li></ol>|

-| Learn about new incidents or alerts | As threats are detected and alerts are triggered, incidents are created. Your company's security team can view and manage incidents in the Microsoft 365 Defender portal.<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation menu, select **Incidents**. Incidents are displayed on the page with associated alerts.</li><li>Select an alert to open its flyout pane, where you can learn more about the alert.</li><li>In the flyout, you can see the alert title, view a list of assets (such as endpoints or user accounts) that were affected, take available actions, and use links to view more information and even open the details page for the selected alert.</li></ol> |

-| Run a scan or automated investigation | Your security team can initiate a scan or an automated investigation on a device that has a high risk level or detected threats. Depending on the results of the scan or automated investigation, [remediation actions](#remediation-actions-in-microsoft-365-business-premium) can occur automatically or upon approval.<ol><li>In the Microsoft 365 Defender portal (https://security.microsoft.com), in the navigation pane, choose **Assets** > **Devices**.</li><li>Select a device to open its flyout panel, and review the information that is displayed.</li><li>Select the ellipsis (...) to open the actions menu.</li><li>Select an action, such as **Run antivirus scan** or **Initiate Automated Investigation**.</li></ol> |

-| **Weekly** | *Tasks for your security team to perform on a weekly basis.* |

-| Monitor and improve your Microsoft Secure score | Microsoft Secure Score is a measurement of your organization's security posture. Higher numbers indicate that fewer improvement actions are needed. By using Secure Score, you can: <ul><li>Report on the current state of your organization's security posture.</li><li>Improve your security posture by providing discoverability, visibility, guidance, and control.</li><li>Compare with benchmarks and establish key performance indicators (KPIs).</li></ul>To check your score, follow these steps:<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane choose **Secure score**. </li><li>Review and make decisions about the remediations and actions in order to improve your overall Microsoft secure score.</li></ol> |

-| Improve your secure score for devices | Improve your security configuration by remediating issues using the security recommendations list. As you do so, your Microsoft Secure Score for Devices improves and your organization becomes more resilient against cybersecurity threats and vulnerabilities going forward. It's always worth the time it takes to review and improve your score.<ol><li>To check your secure score, in the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane select **Secure score**.</li><li>From the **Microsoft Secure Score for Devices** card in the Defender Vulnerability Management dashboard, select one of the categories. A list of recommendations related to that category displays, along with recommendations.</li><li>Select an item on the list to display details related to the recommendation.</li><li>Select **Remediation options**.</li><li>Read the description to understand the context of the issue and what to do next. Choose a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to an email for follow-up. A confirmation message tells you the remediation task has been created.</li><li>Send a follow-up email to your IT Administrator and allow for the time that you've allotted for the remediation to propagate in the system.</li><li>Return to the Microsoft Secure Score for Devices card on the dashboard. The number of security controls recommendations has decreased as a result of your actions.</li><li>Select **Security controls** to go back to the Security recommendations page. The item that you addressed isn't listed there anymore, which results in your Microsoft secure score improving.</li></ol> |

-| **Monthly** | *Tasks for your security team to perform on a monthly basis.* |

-| Run reports | Several reports are available in the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)).<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, select **Reports**.</li><li>Choose a report to review. Each report displays many pertinent categories for that report.</li><li>Select **View details** to see deeper information for each category.</li><li>Select the title of a particular threat to see details specific to it.</li></ol>|

-| Run a simulation tutorial | It's always a good idea to increase the security preparedness for you and your team through training. You can access simulation tutorials in the Microsoft 365 Defender portal. The tutorials cover several types of cyber threats. To get started:<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, choose **Tutorials**.</li><li>Read the walk-through for a tutorial you're interested in running, and then download the file, or copy the script needed to run the simulation according to the instructions.</li></ol> |

-| Explore the Learning hub | Use the Learning hub to increase your knowledge of cybersecurity threats and how to address them. We recommend exploring the resources that are offered, especially in the Microsoft 365 Defender and Endpoints sections.<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, choose **Learning hub**.</li><li>Select an area, such as **Microsoft 365 Defender** or **Endpoints**.</li><li>Select an item to learn more about each concept. </li></ol>Note that some resources in the Learning hub might cover functionality that isn't actually included in Microsoft 365 Business Premium. For example, advanced hunting capabilities are included in enterprise subscriptions, such as Defender for Endpoint Plan 2 or Microsoft 365 Defender, but not in Microsoft 365 Business Premium. [Compare security features in Microsoft 365 plans for small and medium-sized businesses](../security/defender-business/compare-mdb-m365-plans.md). |

-| **As needed** | *Tasks for your security team to perform on an as-needed basis.* |

-| Use the Threat analytics dashboard | Use the threat analytics dashboard to get an overview of the current threat landscape by highlighting reports that are most relevant to your organization. <ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, select **Threat analytics** to display the Threat analytics dashboard. The dashboard summarizes the threats into the following sections:<ul><li>**Latest threats** lists the most recently published or updated threat reports, along with the number of active and resolved alerts.</li><li>**High-impact threats** lists the threats that have the highest impact to your organization. This section lists threats with the highest number of active and resolved alerts first.</li><li>**Highest exposure** lists threats with the highest exposure levels first. The exposure level of a threat is calculated using two pieces of information: how severe the vulnerabilities associated with the threat are, and how many devices in your organization could be exploited by those vulnerabilities.</li></ul></li><li>Select the title of the one you want to investigate, and read the associated report.</li><li>You can also review the full Analyst report for more details, or select other headings to view the related incidents, impacted assets, and exposure and mitigations.</li></ol> |

-| Remediate an item | Microsoft 365 Business Premium includes several [remediation actions](#remediation-actions-in-microsoft-365-business-premium). Some actions are taken automatically, and others await approval by your security team.<ol><li>In the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), in the navigation pane, go to **Assets** > **Devices**.</li><li>Select a device, such as one with a high risk level or exposure level. A flyout pane opens and displays more information about alerts and incidents generated for that item.</li><li>On the flyout, view the information that is displayed. Select the ellipsis (...) to open a menu that lists available actions.</li><li>Select an available action. For example, you might choose **Run antivirus scan**, which will cause Microsoft Defender Antivirus to start a quick scan on the device. Or, you could select **Initiate Automated Investigation** to trigger an automated investigation on the device.</li></ol> |

-## Remediation actions in Microsoft 365 Business Premium

-The following table summarizes remediation actions that are available in Microsoft 365 Business Premium:

-| Source | Actions |

-|||

-| Automated investigations | <ul><li>Quarantine a file</li><li>Remove a registry key</li><li>Kill a process</li><li>Stop a service</li><li>Disable a driver</li><li>Remove a scheduled task </li></ul> |

-| Manual response actions | <ul><li>Run antivirus scan</li><li>Isolate device</li><li>Add an indicator to block or allow a file </li></ul> |

-| Live response | <ul><li>Collect forensic data</li><li>Analyze a file</li><li>Run a script</li><li>Send a suspicious entity to Microsoft for analysis</li><li>Remediate a file</li><li>Proactively hunt for threats</li></ul> |

-## See also

-[Best practices for securing Microsoft 365 for business plans](secure-your-business-data.md)

-This article lists the top 10 ways to secure your data with Microsoft 365 for business, and includes links for more information. Microsoft 365 for business plans include security capabilities, such as antiphishing, antispam, and antimalware protection. Microsoft 365 Business Premium includes even more capabilities, such as device security, advanced threat protection, and information protection.

-## Top 10 ways to secure your business data

-The following table lists the top 10 ways to secure business data and describes capabilities that are included in Microsoft 365 for business plans. It's not intended to be an exhaustive list of all capabilities in each plan. For more details about what each plan includes, see [Microsoft 365 User Subscription Suites for Small and Medium-sized Businesses](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RWR6bM).

-| What to do | [Microsoft 365 Business Premium](index.md) | [Microsoft 365 Business Standard](../admin/setup/setup-business-standard.md) | [Microsoft 365 Business Basic](../admin/setup/setup-business-basic.md) |

-|||||

-| 1. **[Use multi-factor authentication](../admin/security-and-compliance/multi-factor-authentication-microsoft-365.md)**.<br/><br/>[Multi-factor authentication](../admin/security-and-compliance/multi-factor-authentication-microsoft-365.md) (MFA), also known as two-step verification, requires people to use a code or authentication app on their phone to sign into Microsoft 365, and is a critical first step to protecting your business data. Using MFA can prevent bad actors from taking over your account if they know your password. <br/><br/>*Microsoft 365 Business Basic, Standard, and Premium include [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-whatis) (Azure AD), which includes security defaults to simplify the process of enabling MFA.*<br/><br/>*Microsoft 365 Business Premium also includes [Azure AD Premium P1](/azure/active-directory/fundamentals/active-directory-whatis#what-are-the-azure-ad-licenses), and that includes Conditional Access for more stringent requirements.* <br/><br/>For more information, see [security defaults and MFA](m365bp-conditional-access.md). | <br/>*Azure AD Premium P1, with security defaults and Conditional Access* |  <br/>*Azure AD Free, with security defaults* |  <br/>*Azure AD Free, with security defaults* |

-| 2. **[Protect your administrator accounts](m365bp-protect-admin-accounts.md)**.<br/><br/>Administrator accounts (also called admins) have elevated privileges, making these accounts more susceptible to cyberattacks. Whether you're using Microsoft 365 Business Basic, Standard, or Premium, you'll need to set up and manage the right number of admin and user accounts for your business. <br/><br/>We also recommend adhering to the information security principle of least privilege, which means that users and applications should be granted access only to the data and operations they require to perform their jobs.<br/><br/>*Microsoft 365 Business Basic, Standard, and Premium include Azure AD.*<br/><br/>*Microsoft 365 Business Premium also includes Azure AD Premium Plan 1.*<br/><br/>For more information, see [Protect your administrator accounts](m365bp-protect-admin-accounts.md). | <br/>*Azure AD Premium P1* |  <br/>*Azure AD Free* |  <br/>*Azure AD Free* |

-| 3. **[Use preset security policies](m365bp-increase-protection.md)**.<br/><br/>Preset security policies save time by applying recommended spam, malware, and phishing policies to users all at once. <br/><br/>*Microsoft 365 Basic, Standard, and Premium include preset security policies with recommended settings for anti-spam, anti-malware, and anti-phishing included in [Exchange Online Protection](../security/office-365-security/eop-about.md) (EOP).* <br/><br/>*Microsoft 365 Business Premium also includes [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview#microsoft-defender-for-office-365-plan-1-vs-plan-2-cheat-sheet), preset security policies include advanced anti-phishing, spoof settings, impersonation settings, Safe Links, and Safe Attachments.* <br/><br/>For more information, see the following articles: <br/>- [Preset security policies](../security/office-365-security/preset-security-policies.md)<br/>- [Protect against malware and other cyberthreats](m365bp-increase-protection.md) |  <br/>*EOP plus Defender for Office 365 Plan 1* |  <br/>*EOP* |  <br/>*EOP* |

-| 4. **[Protect all devices](m365bp-devices-overview.md)**.<br/><br/>Every device is a possible attack avenue into your network and must be configured properly, even those devices that are personally owned but used for work. Your security team and employees can all take steps to protect devices. All users can use MFA on their devices.<br/><br/>*Microsoft 365 Business Standard and Premium include Microsoft 365 Apps that can be installed on computers, tablets, and phones.* <br/><br/>*Microsoft 365 Business Premium also includes Microsoft Intune and Microsoft Defender for Business for securing and managing devices.*<br/><br/>For more information, see the following articles:<br/>- [Secure managed and unmanaged devices](m365bp-managed-unmanaged-devices.md) <br/>- [Set up unmanaged (BYOD) devices](m365bp-devices-overview.md)<br/>- [Set up and secure managed devices](m365bp-protect-devices.md) |  <br/>*MFA, Microsoft 365 Apps, Intune, and Defender for Business* |  <br/>*MFA and Microsoft 365 Apps* |  <br/>*MFA* |

-| 5. **[Train everyone on email best practices](m365bp-avoid-phishing-and-attacks.md)**.<br/><br/>Email can contain malicious attacks cloaked as harmless communications. Email systems are especially vulnerable, because email is handled by everyone in the organization, and safety relies on humans making consistently good decisions with those communications. Train everyone to know what to watch for spam or junk mail, phishing attempts, spoofing, and malware in their email. <br/><br/>*Microsoft 365 Basic, Standard, and Premium include [Exchange Online Protection](../security/office-365-security/eop-about.md) (EOP).* <br/><br/>*Microsoft 365 Business Premium also includes [Defender for Office 365 Plan 1](/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview#microsoft-defender-for-office-365-plan-1-vs-plan-2-cheat-sheet), which provides more advanced protection for email and collaboration, with advanced anti-phishing, anti-spam, and anti-malware protection, Safe Attachments, and Safe Links.*<br/><br/>For more information, see the following articles: <br/>- [Protect yourself against phishing and other attacks](m365bp-avoid-phishing-and-attacks.md)<br/>- [Anti-phishing protection in Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-protection-about#additional-anti-phishing-protection-in-microsoft-defender-for-office-365)<br/>- [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments-about) <br/>- [Safe Links](/microsoft-365/security/office-365-security/safe-links-about) |  <br/>*EOP, advanced anti-phishing and anti-malware, Safe Links, and Safe Attachments* |  <br/>*EOP* |  <br/>*EOP* |

-| 6. **[Use Microsoft Teams for collaboration and sharing](m365bp-collaborate-share-securely.md)**.<br/><br/>The best way to collaborate and share securely is to use Microsoft Teams. With Microsoft Teams, all your files and communications are in a protected environment and aren't being stored in unsafe ways outside of it.<br/><br/> *Microsoft 365 Business Basic, Standard, and Premium include Microsoft Teams.*<br/><br/>*Microsoft 365 Business Premium also includes Defender for Office 365 Plan 1 (with [Safe Links](/microsoft-365/security/office-365-security/safe-links-about#safe-links-settings-for-microsoft-teams) and [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about)) and [Azure Information Protection Plan 1](/azure/information-protection/what-is-information-protection) (with capabilities to discover, classify, protect, and govern sensitive information).* <br/><br/>For more information, see the following articles: <br/>- [Use Microsoft Teams for collaboration](create-teams-for-collaboration.md) <br/>- [Set up meetings with Microsoft Teams](set-up-meetings.md) <br/>- [Share files and videos in a safe environment](share-files-and-videos.md)<br/>- [Defender for Office 365 support for Microsoft Teams](/microsoft-365/security/office-365-security/mdo-support-teams-about)<br/>- [Data Loss Prevention (DLP) in Microsoft Teams](/microsoft-365/compliance/dlp-teams-default-policy)<br/>- [Use sensitivity labels to protect calendar items, Teams meetings, and chat](/microsoft-365/compliance/sensitivity-labels-meetings) | <br/>*Microsoft Teams, Safe Links, Safe Attachments, sensitivity labels, and Data Loss Prevention (DLP)* | <br/>*Microsoft Teams* | <br/>*Microsoft Teams* |

-| 7. **[Set sharing settings for SharePoint and OneDrive files and folders](m365bp-increase-protection.md)**.<br/><br/>Your default sharing levels for SharePoint and OneDrive might be set to a more permissive level than you should use. We recommend reviewing and if necessary, changing the default settings to better protect your business. Grant people only the access they need to do their jobs. <br/><br/>*Microsoft 365 Business Basic, Standard, and Premium include OneDrive and SharePoint.*<br/><br/>*Microsoft 365 Business Premium also includes Defender for Office 365 Plan 1 (with [Safe Links](/microsoft-365/security/office-365-security/safe-links-about) and [Safe Attachments](/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about)) and [Azure Information Protection Plan 1](/azure/information-protection/what-is-information-protection) (with capabilities to discover, classify, protect, and govern sensitive information).*<br/><br/>For more information, see the following articles: <br/>- [Set sharing settings for SharePoint and OneDrive](m365bp-increase-protection.md#set-sharing-settings-for-sharepoint-and-onedrive-files-and-folders)<br/>- [Sensitivity labels for Office files in SharePoint and OneDrive](/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files) | <br/>*SharePoint and OneDrive, with Safe Links, Safe Attachments, sensitivity labels, and DLP* | <br/>*SharePoint and OneDrive* | <br/>*SharePoint and OneDrive* |

-| 8. **[Use Microsoft 365 Apps on devices](https://support.microsoft.com/topic/train-your-users-on-office-and-microsoft-365-7cba3c97-7f19-46ed-a1c6-763971a26c27)**.<br/><br/>Outlook and Microsoft 365 Apps (also referred to as Office apps) enable people to work productively and more securely across devices. Start a document on one device, and pick it up later on another device. Instead of sending files as email attachments, you can share links to documents that are stored in SharePoint or OneDrive.<br/><br/>*Microsoft 365 Basic, Standard, and Premium include Outlook and Web/mobile versions of the Microsoft 365 Apps (Word, Excel, and PowerPoint).*<br/><br/>*Microsoft 365 Business Standard and Premium also include desktop versions of Microsoft 365 Apps.* <br/><br/>*Microsoft 365 Business Premium also includes Defender for Office 365 Plan 1 (with Safe Links and Safe Attachments), and Azure Information Protection Plan 1 (with sensitivity labels).* <br/><br/>For more information, see the following articles: <br/>- [Install Microsoft 365 Apps on all devices](m365bp-install-office-apps.md).<br/>- [Train your users on Microsoft 365](https://support.microsoft.com/topic/train-your-users-on-office-and-microsoft-365-7cba3c97-7f19-46ed-a1c6-763971a26c27)<br/>- [How Safe Links works in Microsoft 365 Apps](/microsoft-365/security/office-365-security/safe-links-about#how-safe-links-works-in-office-apps)<br/>- [Sensitivity bar in Microsoft 365 Apps](/microsoft-365/compliance/sensitivity-labels-office-apps#sensitivity-bar)| <br/>*Outlook and Web, mobile, and desktop versions of Microsoft 365 Apps, with Safe Links and sensitivity labels* |  <br/>*Outlook and Web/mobile/desktop versions of Microsoft 365 Apps* |  <br/>*Outlook and Web/mobile versions of Microsoft 365 Apps* |

-| 9. **[Manage calendar sharing for your business](m365bp-increase-protection.md#manage-calendar-sharing)**.<br/><br/>You can help people in your organization share their calendars appropriately for better collaboration. You can manage what level of detail they can share, such as by limiting the details that are shared to free/busy times only.<br/><br/>*Microsoft 365 Business Basic, Standard, and Premium include Outlook and Exchange Online.* <br/><br/>*Microsoft 365 Business Premium also includes Azure Information Protection Plan 1, and that includes DLP policies to protect sensitive information.*<br/><br/>For more information, see the following articles: <br/>- [Manage calendar sharing](m365bp-increase-protection.md#manage-calendar-sharing) <br/>- [Get started with the default DLP policy](/microsoft-365/compliance/get-started-with-the-default-dlp-policy) | <br/>*Outlook, Exchange Online, and DLP* | <br/>*Exchange Online* | <br/>*Exchange Online* |

-| 10. **[Maintain your environment](m365bp-maintain-environment.md)**.<br/><br/>After your initial setup and configuration of Microsoft 365 for business is complete, your organization needs a maintenance and operations plan. As employees come and go, you'll need to add or remove users, reset passwords, and maybe even reset devices to factory settings. You'll also want to make sure people have only the access they need to do their jobs.<br/><br/>*Microsoft 365 Business Basic, Standard, and Premium include the [Microsoft 365 admin center](https://admin.microsoft.com) and the [Azure AD portal](https://entra.microsoft.com) for managing user accounts.*<br/><br/>*Microsoft 365 Business Premium also includes the [Microsoft 365 Defender portal](https://security.microsoft.com) and the [Microsoft 365 Purview compliance portal](https://compliance.microsoft.com/) for viewing and managing security & compliance capabilities.* <br/><br/>For more information, see the following articles: <br/>- [Maintain your environment](m365bp-maintain-environment.md) <br/>- [Security incident management in Microsoft 365 Business Premium](m365bp-security-incident-management.md)<br/>- [Microsoft 365 Business Premium security operations guide](m365bp-security-incident-quick-start.md) | <br/>*Azure AD portal, Microsoft 365 admin center, Microsoft 365 Defender portal, and Microsoft 365 Purview compliance portal* | <br/>*Azure AD portal and Microsoft 365 admin center* | <br/>*Azure AD portal and Microsoft 365 admin center* |

-[Remove company data from devices](../business-premium/m365bp-remove-company-data.md) (article)\

-[Reset Windows 10 devices to their factory settings](../business-premium/m365bp-reset-devices-to-factory-settings.md) (article)

-#### Preview regulations

-The regulations listed below are available in preview. Creating assessments from these regulations won't count toward your total of licensed regulations used.

-## Week of April 24, 2023

-| Published On |Topic title | Change |

-|||--|

-| 4/24/2023 | [Overview of Delegated Access in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-delegated-access-overview?view=o365-worldwide) | added |

-| 4/24/2023 | [Create and manage communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-worldwide) | modified |

-| 4/24/2023 | [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-worldwide) | modified |

-| 4/24/2023 | [Migrate the Azure Information Protection (AIP) add-in to Microsoft Purview Information Protection built-in labeling for Office apps](/microsoft-365/compliance/sensitivity-labels-aip?view=o365-worldwide) | modified |

-| 4/24/2023 | [Manage sensitivity labels in Office apps](/microsoft-365/compliance/sensitivity-labels-office-apps?view=o365-worldwide) | modified |

-| 4/24/2023 | [Identify internet-facing devices in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/internet-facing-devices?view=o365-worldwide) | modified |

-| 4/24/2023 | [Live response command examples](/microsoft-365/security/defender-endpoint/live-response-command-examples?view=o365-worldwide) | modified |

-| 4/24/2023 | [Detecting human-operated ransomware attacks with Microsoft 365 Defender](/microsoft-365/security/defender/playbook-detecting-ransomware-m365-defender?view=o365-worldwide) | modified |

-| 4/25/2023 | [Onboard macOS devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-worldwide) | modified |

-| 4/25/2023 | [Configure endpoint DLP settings](/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide) | modified |

-| 4/25/2023 | [Learn about Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide) | modified |

-| 4/25/2023 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide) | modified |

-| 4/25/2023 | [Get started with Microsoft 365 for healthcare organizations](/microsoft-365/frontline/teams-in-hc?view=o365-worldwide) | modified |

-| 4/25/2023 | [Manage the workflow with the insider risk management users dashboard](/microsoft-365/compliance/insider-risk-management-users?view=o365-worldwide) | modified |

-| 4/26/2023 | [Microsoft 365 admin center activity reports](/microsoft-365/admin/activity-reports/activity-reports?view=o365-worldwide) | modified |

-| 4/26/2023 | [Download perpetual software and product license keys bought through the Cloud Solution Provider (CSP) program](/microsoft-365/admin/setup/download-software-licenses-csp?view=o365-worldwide) | modified |

-| 4/26/2023 | [How to secure your business data with Microsoft 365](/microsoft-365/business-premium/secure-your-business-data?view=o365-worldwide) | modified |

-| 4/26/2023 | [Manage auto-claim policies](/microsoft-365/commerce/licenses/manage-auto-claim-policies?view=o365-worldwide) | modified |

-| 4/26/2023 | [Automatically apply a retention label to Microsoft 365 items](/microsoft-365/compliance/apply-retention-labels-automatically?view=o365-worldwide) | modified |

-| 4/26/2023 | [Error remediation when processing data](/microsoft-365/compliance/ediscovery-error-remediation-when-processing-data?view=o365-worldwide) | modified |

-| 4/26/2023 | [Learn about the default labels and policies to protect your data](/microsoft-365/compliance/mip-easy-trials?view=o365-worldwide) | modified |

-| 4/26/2023 | [Learn about sensitive information types](/microsoft-365/compliance/sensitive-information-type-learn-about?view=o365-worldwide) | modified |

-| 4/26/2023 | [Overview and Definitions](/microsoft-365/enterprise/m365-dr-overview?view=o365-worldwide) | modified |

-| 4/26/2023 | [Microsoft 365 Network Insights](/microsoft-365/enterprise/office-365-network-mac-perf-insights?view=o365-worldwide) | modified |

-| 4/26/2023 | [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-worldwide) | modified |

-| 4/26/2023 | [Use a prebuilt model to extract information from contracts in Microsoft Syntex](/microsoft-365/syntex/prebuilt-model-contract) | added |

-| 4/26/2023 | [Microsoft 365 Group mailbox size management](/microsoft-365/admin/create-groups/group-mailbox-size-management?view=o365-worldwide) | modified |

-| 4/26/2023 | [Microsoft 365 Health Dashboard](/microsoft-365/admin/manage/health-dashboard-overview?view=o365-worldwide) | modified |

-| 4/26/2023 | [Launch your portal using the Portal launch scheduler](/microsoft-365/enterprise/portallaunchscheduler?view=o365-worldwide) | modified |

-| 4/26/2023 | [Compare security features in Microsoft 365 plans for small and medium-sized businesses](/microsoft-365/security/defender-business/compare-mdb-m365-plans?view=o365-worldwide) | modified |

-| 4/26/2023 | [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-worldwide) | modified |

-| 4/26/2023 | [Create an enterprise model in Microsoft Syntex](/microsoft-365/syntex/create-syntex-model) | modified |

-| 4/26/2023 | [Overview of model types in Microsoft Syntex](/microsoft-365/syntex/model-types-overview) | modified |

-| 4/26/2023 | [Overview of prebuilt models in Microsoft Syntex](/microsoft-365/syntex/prebuilt-overview) | modified |

-| 4/26/2023 | [Requirements and limitations for models in Microsoft Syntex](/microsoft-365/syntex/requirements-and-limitations) | modified |

-| 4/26/2023 | [Step 5. Device and app management for your Microsoft 365 for enterprise tenants](/microsoft-365/solutions/tenant-management-device-management?view=o365-worldwide) | added |

-| 4/26/2023 | [Step 3. Identity for your Microsoft 365 for enterprise tenants](/microsoft-365/solutions/tenant-management-identity?view=o365-worldwide) | added |

-| 4/26/2023 | [Step 4. Migration for your Microsoft 365 for enterprise tenants](/microsoft-365/solutions/tenant-management-migration?view=o365-worldwide) | added |

-| 4/26/2023 | [Step 2. Optimal networking for your Microsoft 365 for enterprise tenants](/microsoft-365/solutions/tenant-management-networking?view=o365-worldwide) | added |

-| 4/26/2023 | [Tenant management for Microsoft 365 for enterprise](/microsoft-365/solutions/tenant-management-overview?view=o365-worldwide) | added |

-| 4/26/2023 | [Step 1. Your Microsoft 365 for enterprise tenants](/microsoft-365/solutions/tenant-management-tenants?view=o365-worldwide) | added |

-| 4/26/2023 | [Overview of inactive mailboxes](/microsoft-365/compliance/inactive-mailboxes-in-office-365?view=o365-worldwide) | modified |

-| 4/26/2023 | [Recover an inactive mailbox](/microsoft-365/compliance/recover-an-inactive-mailbox?view=o365-worldwide) | modified |

-| 4/26/2023 | [Restore an inactive mailbox](/microsoft-365/compliance/restore-an-inactive-mailbox?view=o365-worldwide) | modified |

-| 4/26/2023 | [Sensitive information type entity definitions](/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-worldwide) | modified |

-| 4/26/2023 | [Assign roles to Microsoft 365 user accounts with PowerShell](/microsoft-365/enterprise/assign-roles-to-user-accounts-with-microsoft-365-powershell?view=o365-worldwide) | modified |

-| 4/26/2023 | [Manage Microsoft 365 with PowerShell](/microsoft-365/enterprise/manage-microsoft-365-with-microsoft-365-powershell?view=o365-worldwide) | modified |

-| 4/26/2023 | [Tenant roadmap for Microsoft 365](/microsoft-365/enterprise/tenant-roadmap-microsoft-365?view=o365-worldwide) | modified |

-| 4/27/2023 | [Welcome to Business Assist](/microsoft-365/admin/misc/welcome-business-assist?view=o365-worldwide) | added |

-| 4/27/2023 | [Troubleshoot Microsoft Teams EHR connector setup and configuration](/microsoft-365/frontline/ehr-connector-troubleshoot-setup-configuration?view=o365-worldwide) | modified |

-| 4/27/2023 | [Troubleshoot performance issues for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-support-perf?view=o365-worldwide) | modified |

-| 4/27/2023 | [Investigate entities on devices using live response in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/live-response?view=o365-worldwide) | modified |

-| 4/27/2023 | [Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux?view=o365-worldwide) | modified |

-| 4/27/2023 | [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-worldwide) | modified |

-| 4/27/2023 | [Get started with collecting files that match data loss prevention policies from devices (preview)](/microsoft-365/compliance/dlp-copy-matched-items-get-started?view=o365-worldwide) | added |

-| 4/27/2023 | [Learn about collecting files that match DLP policies from devices (preview)](/microsoft-365/compliance/dlp-copy-matched-items-learn?view=o365-worldwide) | added |

-| 4/27/2023 | [Why do I need Microsoft Defender for Office 365?](/microsoft-365/security/office-365-security/why-do-i-need-microsoft-defender-for-office-365?view=o365-worldwide) | renamed |

-| 4/27/2023 | [Configure endpoint DLP settings](/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide) | modified |

-| 4/27/2023 | [Learn about data loss prevention](/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide) | modified |

-| 4/27/2023 | [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-worldwide) | modified |

-| 4/27/2023 | [Why do I need Microsoft Defender for Office 365?](/microsoft-365/security/office-365-security/why-do-i-need-microsoft-defender-for-office-365?view=o365-worldwide) | modified |

-| 4/27/2023 | Change Microsoft 365 for business plans manually | removed |

-| 4/27/2023 | [Upgrade or change to a different Microsoft 365 for business plan](/microsoft-365/commerce/subscriptions/upgrade-to-different-plan?view=o365-worldwide) | modified |

-| 4/27/2023 | [Get started with eDiscovery (Premium)](/microsoft-365/compliance/ediscovery-premium-get-started?view=o365-worldwide) | modified |

-| 4/27/2023 | [Get started with eDiscovery (Standard)](/microsoft-365/compliance/ediscovery-standard-get-started?view=o365-worldwide) | modified |

-| 4/27/2023 | [Changing from a Microsoft 365 E plan to a Microsoft 365 F plan](/microsoft-365/frontline/switch-from-enterprise-to-frontline?view=o365-worldwide) | modified |

-| 4/28/2023 | [Configure review set grouping settings for eDiscovery (Premium) cases](/microsoft-365/compliance/ediscovery-configure-review-set-settings?view=o365-worldwide) | added |

-| 4/28/2023 | [Performing Bulk SharePoint site Cross-tenant migrations (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-bulk-site-migration?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration FAQs (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-faqs?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration Step 1 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step1?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration Step 2 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step2?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration Step 3 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step3?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration Step 4 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step4?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-tenant SharePoint migration Step 5 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step5?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint site Cross-tenant SharePoint migration Step 6 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step6?view=o365-worldwide) | added |

-| 4/28/2023 | [SharePoint Cross-Tenant User Data Migration Step 7 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step7?view=o365-worldwide) | added |

-| 4/28/2023 | [Cross-tenant SharePoint site migration overview (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration?view=o365-worldwide) | added |

-| 4/28/2023 | [Secure your business data with Microsoft 365 for business](/microsoft-365/business-premium/secure-your-business-data?view=o365-worldwide) | modified |

-| 4/28/2023 | [Automatically apply a retention label to Microsoft 365 items](/microsoft-365/compliance/apply-retention-labels-automatically?view=o365-worldwide) | modified |

-| 4/28/2023 | [Publish and apply retention labels](/microsoft-365/compliance/create-apply-retention-labels?view=o365-worldwide) | modified |

-| 4/28/2023 | [Automatically retain or delete content by using retention policies](/microsoft-365/compliance/create-retention-policies?view=o365-worldwide) | modified |

-| 4/28/2023 | [Disposition of content](/microsoft-365/compliance/disposition?view=o365-worldwide) | modified |

-| 4/28/2023 | [Add or remove members from an eEdiscovery (Premium) case](/microsoft-365/compliance/ediscovery-add-or-remove-members-from-a-case?view=o365-worldwide) | modified |

-| 4/28/2023 | [Close or delete an eDiscovery (Premium) case](/microsoft-365/compliance/ediscovery-close-or-delete-case?view=o365-worldwide) | modified |

-| 4/28/2023 | [Configure search and analytics settings for eDiscovery (Premium) cases](/microsoft-365/compliance/ediscovery-configure-search-and-analytics-settings?view=o365-worldwide) | modified |

-| 4/28/2023 | [Create and manage an eDiscovery (Premium) case](/microsoft-365/compliance/ediscovery-create-and-manage-cases?view=o365-worldwide) | modified |

-| 4/28/2023 | [Document metadata fields in eDiscovery (Premium)](/microsoft-365/compliance/ediscovery-document-metadata-fields?view=o365-worldwide) | modified |

-| 4/28/2023 | [Tag documents in a review set](/microsoft-365/compliance/ediscovery-tagging-documents?view=o365-worldwide) | modified |

-| 4/28/2023 | [Group and view documents in a review set in eDiscovery (Premium)](/microsoft-365/compliance/ediscovery-view-documents-in-review-set?view=o365-worldwide) | modified |

-| 4/28/2023 | [Get started with data lifecycle management](/microsoft-365/compliance/get-started-with-data-lifecycle-management?view=o365-worldwide) | modified |

-| 4/28/2023 | [Get started with records management in Microsoft 365](/microsoft-365/compliance/get-started-with-records-management?view=o365-worldwide) | modified |

-| 4/28/2023 | [Permissions in the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-permissions?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard macOS devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard Windows 10 and Windows 11 devices using Mobile Device Management tools](/microsoft-365/compliance/device-onboarding-mdm?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune for Microsoft Defender for Endpoint customers](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune-mde?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard and offboard macOS devices into Microsoft Purview solutions using Microsoft Intune](/microsoft-365/compliance/device-onboarding-offboarding-macos-intune?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro-mde?view=o365-worldwide) | modified |

-| 4/28/2023 | [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro](/microsoft-365/compliance/device-onboarding-offboarding-macos-jamfpro?view=o365-worldwide) | modified |

-| 4/28/2023 | [What's new in Microsoft Purview risk and compliance solutions](/microsoft-365/compliance/whats-new?view=o365-worldwide) | modified |

-## Week of April 17, 2023

-| Published On |Topic title | Change |

-|||--|

-| 4/17/2023 | [Key compliance and security considerations for US banking and capital markets](/microsoft-365/solutions/financial-services-secure-collaboration?view=o365-worldwide) | modified |

-| 4/17/2023 | [Records management for documents and emails in Microsoft 365](/microsoft-365/compliance/records-management?view=o365-worldwide) | modified |

-| 4/17/2023 | [Send email notifications and show policy tips for DLP policies](/microsoft-365/compliance/use-notifications-and-policy-tips?view=o365-worldwide) | modified |

-| 4/17/2023 | Manage Microsoft Defender for Endpoint Plan 1 | removed |

-| 4/18/2023 | [Identify internet-facing devices in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/internet-facing-devices?view=o365-worldwide) | added |

-| 4/18/2023 | [How Microsoft names threat actors](/microsoft-365/security/intelligence/microsoft-threat-actor-naming?view=o365-worldwide) | added |

-| 4/18/2023 | [Run live response commands on a device](/microsoft-365/security/defender-endpoint/run-live-response?view=o365-worldwide) | modified |

-| 4/18/2023 | How Microsoft names threat actors | removed |

-| 4/18/2023 | [Get started with Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide) | modified |

-| 4/18/2023 | [Configure advanced features in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/advanced-features?view=o365-worldwide) | modified |

-| 4/18/2023 | Glossary: Microsoft 365 Business Premium security concepts | removed |

-| 4/18/2023 | [Audit log activities](/microsoft-365/compliance/audit-log-activities?view=o365-worldwide) | modified |

-| 4/18/2023 | [Performance analyzer for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/tune-performance-defender-antivirus?view=o365-worldwide) | modified |

-| 4/18/2023 | [Configure anti-malware policies](/microsoft-365/security/office-365-security/anti-malware-policies-configure?view=o365-worldwide) | modified |

-| 4/18/2023 | [Configure anti-phishing policies in EOP](/microsoft-365/security/office-365-security/anti-phishing-policies-eop-configure?view=o365-worldwide) | modified |

-| 4/18/2023 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Trainable classifiers definitions](/microsoft-365/compliance/classifier-tc-definitions?view=o365-worldwide) | modified |

-| 4/19/2023 | [Create and manage communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-worldwide) | modified |

-| 4/19/2023 | [Create a legal hold notice](/microsoft-365/compliance/ediscovery-create-hold-notification?view=o365-worldwide) | modified |

-| 4/19/2023 | [Microsoft Purview setup guides](/microsoft-365/compliance/purview-fast-track-setup-guides?view=o365-worldwide) | modified |

-| 4/19/2023 | [Data Residency for SharePoint Online and OneDrive for Business](/microsoft-365/enterprise/m365-dr-workload-spo?view=o365-worldwide) | modified |

-| 4/19/2023 | [Troubleshooting issues when moving to Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/switch-to-mde-troubleshooting?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure anti-malware policies](/microsoft-365/security/office-365-security/anti-malware-policies-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure anti-phishing policies in EOP](/microsoft-365/security/office-365-security/anti-phishing-policies-eop-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure outbound spam policies](/microsoft-365/security/office-365-security/outbound-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | Change the size of PST files when exporting eDiscovery search results | removed |

-| 4/19/2023 | [Learn about optical character recognition in Microsoft Purview (preview)](/microsoft-365/compliance/ocr-learn-about?view=o365-worldwide) | added |

-| 4/19/2023 | [Work with a partner to archive third-party data](/microsoft-365/compliance/archive-partner-third-party-data?view=o365-worldwide) | modified |

-| 4/19/2023 | [Microsoft Purview extensibility](/microsoft-365/compliance/compliance-extensibility?view=o365-worldwide) | modified |

-| 4/19/2023 | [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Get started with privileged access management](/microsoft-365/compliance/privileged-access-management-configuration?view=o365-worldwide) | modified |

-| 4/19/2023 | [Learn about retention policies & labels to retain or delete](/microsoft-365/compliance/retention?view=o365-worldwide) | modified |

-| 4/19/2023 | [What's new in Microsoft Purview risk and compliance solutions](/microsoft-365/compliance/whats-new?view=o365-worldwide) | modified |

-| 4/19/2023 | [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection-about?view=o365-worldwide) | modified |

-| 4/19/2023 | [End-user notifications for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-end-user-notifications?view=o365-worldwide) | modified |

-| 4/19/2023 | [Insights and reports Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-insights?view=o365-worldwide) | modified |

-| 4/19/2023 | [Landing pages in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-landing-pages?view=o365-worldwide) | modified |

-| 4/19/2023 | [Login pages in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-login-pages?view=o365-worldwide) | modified |

-| 4/19/2023 | [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-worldwide) | modified |

-| 4/19/2023 | [Payloads in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-worldwide) | modified |

-| 4/19/2023 | [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-worldwide) | modified |

-| 4/19/2023 | [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide) | modified |

-| 4/19/2023 | [Microsoft Teams in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-teams?view=o365-worldwide) | modified |

-| 4/19/2023 | [Training campaigns in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-training-campaigns?view=o365-worldwide) | modified |

-| 4/19/2023 | [Training modules for Training campaigns in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-training-modules?view=o365-worldwide) | modified |

-| 4/19/2023 | [Configure the default connection filter policy](/microsoft-365/security/office-365-security/connection-filter-policies-configure?view=o365-worldwide) | modified |

-| 4/19/2023 | [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files?view=o365-worldwide) | modified |

-| 4/19/2023 | [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/quarantine-end-user?view=o365-worldwide) | modified |

-| 4/19/2023 | [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide) | modified |

-| 4/20/2023 | [Remove a former employee - Overview](/microsoft-365/admin/add-users/remove-former-employee?view=o365-worldwide) | modified |

-| 4/20/2023 | [Set an individual user's password to never expire](/microsoft-365/admin/add-users/set-password-to-never-expire?view=o365-worldwide) | modified |

-| 4/20/2023 | [Microsoft 365 Experience insights dashboard](/microsoft-365/admin/misc/experience-insights-dashboard?view=o365-worldwide) | modified |

-| 4/20/2023 | [What's new in the Microsoft 365 admin center?](/microsoft-365/admin/whats-new-in-preview?view=o365-worldwide) | modified |

-| 4/20/2023 | [Learn about retention policies & labels to retain or delete](/microsoft-365/compliance/retention?view=o365-worldwide) | modified |

-| 4/20/2023 | [Set up and configure Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-setup-configuration?view=o365-worldwide) | modified |

-| 4/20/2023 | The simplified configuration process in Microsoft Defender for Business | removed |

-| 4/20/2023 | Use setup wizard in Microsoft Defender for Business | removed |

-| 4/20/2023 | [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-worldwide) | modified |

-| 4/20/2023 | [Migrate to Microsoft Defender for Endpoint - Onboard](/microsoft-365/security/defender-endpoint/switch-to-mde-phase-3?view=o365-worldwide) | modified |

-| 4/20/2023 | [How Microsoft names threat actors](/microsoft-365/security/intelligence/microsoft-threat-actor-naming?view=o365-worldwide) | modified |

-| 4/20/2023 | [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/20/2023 | [Configure outbound spam policies](/microsoft-365/security/office-365-security/outbound-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/20/2023 | [Set up Safe Attachments policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-attachments-policies-configure?view=o365-worldwide) | modified |

-| 4/20/2023 | [Set up Safe Links policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links-policies-configure?view=o365-worldwide) | modified |

-| 4/20/2023 | [Manage clients for Microsoft Whiteboard in GCC High environments](/microsoft-365/whiteboard/manage-clients-gcc-high?view=o365-worldwide) | modified |

-| 4/20/2023 | [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles?view=o365-worldwide) | modified |

-| 4/20/2023 | [Upgrade Windows devices to Windows 10 or 11 Pro](/microsoft-365/business-premium/m365bp-upgrade-windows-pro?view=o365-worldwide) | modified |

-| 4/21/2023 | [Get scan agent by ID](/microsoft-365/security/defender-endpoint/get-agent-details?view=o365-worldwide) | added |

-| 4/21/2023 | [Add, update or delete a scan definition](/microsoft-365/security/defender-endpoint/add-a-new-scan-definition?view=o365-worldwide) | modified |

-| 4/21/2023 | [Authenticated scan methods and properties](/microsoft-365/security/defender-endpoint/get-authenticated-scan-properties?view=o365-worldwide) | modified |

-| 4/21/2023 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure?view=o365-worldwide) | modified |

-| 4/21/2023 | [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/21/2023 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide) | modified |

-| 4/21/2023 | [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about?view=o365-worldwide) | modified |

-| 4/21/2023 | [Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure?view=o365-worldwide) | modified |

-| 4/21/2023 | [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links-about?view=o365-worldwide) | modified |

-| 4/21/2023 | [Set up Safe Links policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links-policies-configure?view=o365-worldwide) | modified |

-| 4/21/2023 | [Configure global settings for Safe Links settings in Defender for Office 365](/microsoft-365/security/office-365-security/safe-links-policies-global-settings-configure?view=o365-worldwide) | modified |

-| 4/21/2023 | Microsoft Purview Compliance Manager quickstart guide | removed |

-| 4/21/2023 | Create assessment templates in Microsoft Purview Compliance Manager | removed |

-| 4/21/2023 | Extend assessment templates in Microsoft Purview Compliance Manager | removed |

-| 4/21/2023 | Format assessment template data in Excel for Microsoft Purview Compliance Manager | removed |

-| 4/21/2023 | Modify assessment templates in Microsoft Purview Compliance Manager | removed |

-| 4/21/2023 | [Learn about assessment templates in Microsoft Purview Compliance Manager](/microsoft-365/compliance/compliance-manager-templates?view=o365-worldwide) | modified |

-| 4/21/2023 | [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-worldwide) | modified |

-| 4/21/2023 | [Onboard non-Windows devices to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-endpoints-non-windows?view=o365-worldwide) | modified |

-## Week of April 10, 2023

-| Published On |Topic title | Change |

-|||--|

-| 4/10/2023 | [Limits for Content search and eDiscovery (Standard) in the Microsoft Purview compliance portal](/microsoft-365/compliance/ediscovery-limits-for-content-search?view=o365-worldwide) | modified |

-| 4/10/2023 | [Automated investigation and response in Microsoft 365 Defender](/microsoft-365/security/defender/m365d-autoir?view=o365-worldwide) | modified |

-| 4/10/2023 | Configure a team with security isolation in a dev/test environment | removed |

-| 4/10/2023 | Test Lab Guides for solutions and scenarios | removed |

-| 4/10/2023 | [Deploy a connector to archive Facebook Business pages data](/microsoft-365/compliance/archive-facebook-data?view=o365-worldwide) | renamed |

-| 4/10/2023 | [Use data connectors to import and archive third-party data in Microsoft 365](/microsoft-365/compliance/archive-third-party-data?view=o365-worldwide) | renamed |

-| 4/10/2023 | [Deploy a connector to archive Twitter data](/microsoft-365/compliance/archive-twitter-data?view=o365-worldwide) | renamed |

-| 4/10/2023 | Prepare for Office client deployment with Microsoft 365 Business Premium | removed |why-choose-microsoft-365-business-premium

-| 4/10/2023 | [Microsoft 365 Business Premium - Productivity and security](/microsoft-365/business-premium/why-choose-microsoft-365-business-premium?view=o365-worldwide) | modified |

-| 4/10/2023 | [Set up Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-setup?view=o365-worldwide) | modified |

-| 4/10/2023 | [Set up a connector to archive Twitter data](/microsoft-365/compliance/archive-twitter-data-with-sample-connector?view=o365-worldwide) | modified |

-| 4/10/2023 | [Get started using Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide) | modified |

-| 4/10/2023 | [Enable block at first sight to detect malware in seconds](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 4/10/2023 | [Address false positives/negatives in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-endpoint-false-positives-negatives?view=o365-worldwide) | modified |

-| 4/10/2023 | [Turn on cloud protection in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 4/11/2023 | [Use the Microsoft 365 admin center to manage your Shifts connection to Blue Yonder Workforce Management (Preview)](/microsoft-365/frontline/shifts-connector-blue-yonder-admin-center-manage?view=o365-worldwide) | modified |

-| 4/11/2023 | [Use the Microsoft 365 admin center to manage your Shifts connection to UKG Dimensions (Preview)](/microsoft-365/frontline/shifts-connector-ukg-admin-center-manage?view=o365-worldwide) | modified |

-| 4/11/2023 | [Use PowerShell to manage your Shifts connection to UKG Dimensions](/microsoft-365/frontline/shifts-connector-ukg-powershell-manage?view=o365-worldwide) | modified |

-| 4/11/2023 | [Use the Shifts connector wizard to connect Shifts to UKG Dimensions (Preview)](/microsoft-365/frontline/shifts-connector-wizard-ukg?view=o365-worldwide) | modified |

-| 4/11/2023 | [Configure and validate Microsoft Defender Antivirus network connections](/microsoft-365/security/defender-endpoint/configure-network-connections-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 4/11/2023 | [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-worldwide) | modified |

-| 4/11/2023 | [Get started using Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide) | modified |

-| 4/11/2023 | [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) | modified |

-| 4/11/2023 | [Get started with eDiscovery (Premium)](/microsoft-365/compliance/ediscovery-premium-get-started?view=o365-worldwide) | modified |

-| 4/11/2023 | [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/submissions-users-report-message-add-in-configure?view=o365-worldwide) | modified |

-| 4/12/2023 | [Overview of the Microsoft Feed](/microsoft-365/ms-feed/m365-feed?view=o365-worldwide) | added |

-| 4/12/2023 | [Set up compliance boundaries for eDiscovery investigations](/microsoft-365/compliance/ediscovery-set-up-compliance-boundaries?view=o365-worldwide) | modified |

-| 4/12/2023 | [Migrate the Azure Information Protection (AIP) add-in to Microsoft Purview Information Protection built-in labeling for Office apps](/microsoft-365/compliance/sensitivity-labels-aip?view=o365-worldwide) | modified |

-| 4/12/2023 | [Minimum versions for sensitivity labels in Microsoft 365 Apps](/microsoft-365/compliance/sensitivity-labels-versions?view=o365-worldwide) | modified |

-| 4/12/2023 | [Cloud protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 4/12/2023 | [Turn on cloud protection in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/enable-cloud-protection-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 4/12/2023 | [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-worldwide) | modified |

-| 4/12/2023 | Why cloud protection should be enabled for Microsoft Defender Antivirus | removed |

-| 4/12/2023 | [Global settings in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-settings?view=o365-worldwide) | modified |

-| 4/12/2023 | [Training campaigns in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-training-campaigns?view=o365-worldwide) | modified |

-| 4/12/2023 | [Training modules for Training campaigns in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-training-modules?view=o365-worldwide) | modified |

-| 4/12/2023 | [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-about?view=o365-worldwide) | modified |

-| 4/12/2023 | [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files?view=o365-worldwide) | modified |

-| 4/12/2023 | [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/quarantine-end-user?view=o365-worldwide) | modified |

-| 4/12/2023 | [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide) | modified |

-| 4/12/2023 | Overview of Copilot for Microsoft Syntex | removed |

-| 4/12/2023 | [Create and manage communication compliance policies](/microsoft-365/compliance/communication-compliance-policies?view=o365-worldwide) | modified |

-| 4/13/2023 | [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide) | modified |

-| 4/13/2023 | [Quarantine notifications (end-user spam notifications) in Microsoft 365](/microsoft-365/security/office-365-security/quarantine-quarantine-notifications?view=o365-worldwide) | modified |

-| 4/13/2023 | [Microsoft Purview setup guides](/microsoft-365/compliance/purview-fast-track-setup-guides?view=o365-worldwide) | added |

-| 4/13/2023 | [Use Content search for targeted collections](/microsoft-365/compliance/ediscovery-use-content-search-for-targeted-collections?view=o365-worldwide) | modified |

-| 4/13/2023 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified |

-| 4/14/2023 | [Configure Microsoft Defender for Endpoint on iOS features](/microsoft-365/security/defender-endpoint/ios-configure-features?view=o365-worldwide) | modified |

-| 4/14/2023 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide) | modified |

-| 4/14/2023 | [Secure managed and unmanaged devices](/microsoft-365/business-premium/m365bp-managed-unmanaged-devices?view=o365-worldwide) | added |

-| 4/14/2023 | [Set up unmanaged devices overview](/microsoft-365/business-premium/m365bp-set-up-unmanaged-devices?view=o365-worldwide) | modified |

-| 4/14/2023 | [Protect unmanaged Windows PCs and Macs in Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-protect-pcs-macs?view=o365-worldwide) | modified |

-## Week of April 03, 2023

-| Published On |Topic title | Change |

-|||--|

-| 4/3/2023 | [Endpoint detection and response (EDR) in block mode frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/edr-block-mode-faqs?view=o365-worldwide) | added |

-| 4/3/2023 | [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide) | modified |

-| 4/3/2023 | [macOS Device control policies frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/mac-device-control-faq?view=o365-worldwide) | added |

-| 4/3/2023 | [Deploy and manage Device Control using Intune](/microsoft-365/security/defender-endpoint/mac-device-control-intune?view=o365-worldwide) | modified |

-| 4/3/2023 | [Deploy and manage device control using JAMF](/microsoft-365/security/defender-endpoint/mac-device-control-jamf?view=o365-worldwide) | modified |

-| 4/3/2023 | [Device control for macOS](/microsoft-365/security/defender-endpoint/mac-device-control-overview?view=o365-worldwide) | modified |

-| 4/3/2023 | [Errors during admin submissions](/microsoft-365/security/office-365-security/submissions-error-messages?view=o365-worldwide) | modified |

-| 4/3/2023 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified |

-| 4/3/2023 | [Overview of Copilot for Microsoft Syntex](/microsoft-365/syntex/syntex-copilot) | modified |

-| 4/3/2023 | [Pay for your Microsoft business subscription with a billing profile](/microsoft-365/commerce/billing-and-payments/pay-for-subscription-billing-profile?view=o365-worldwide) | modified |

-| 4/3/2023 | [Payment options for your Microsoft business subscription](/microsoft-365/commerce/billing-and-payments/pay-for-your-subscription?view=o365-worldwide) | modified |

-| 4/3/2023 | [Understand your bill or invoice for Microsoft 365 for business](/microsoft-365/commerce/billing-and-payments/understand-your-invoice2?view=o365-worldwide) | modified |

-| 4/3/2023 | [Security baselines assessment](/microsoft-365/security/defender-vulnerability-management/tvm-security-baselines?view=o365-worldwide) | modified |

-| 4/3/2023 | [Get started with Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide) | modified |

-| 4/3/2023 | [Tailor Teams apps for your frontline workers](/microsoft-365/frontline/pin-teams-apps-based-on-license?view=o365-worldwide) | modified |

-| 4/3/2023 | [What's new in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-whats-new?view=o365-worldwide) | modified |

-| 4/5/2023 | [Setup guides for Microsoft 365 Defender](/microsoft-365/security/defender/deploy-configure-m365-defender?view=o365-worldwide) | added |

-| 4/5/2023 | [Use Content Search in Microsoft Teams](/microsoft-365/compliance/ediscovery-teams-content-search?view=o365-worldwide) | added |

-| 4/5/2023 | [Place a Microsoft Teams user or team on legal hold](/microsoft-365/compliance/ediscovery-teams-legal-hold?view=o365-worldwide) | added |

-| 4/5/2023 | [Conduct an eDiscovery investigation of content in Microsoft Teams](/microsoft-365/compliance/ediscovery-teams-investigation?view=o365-worldwide) | modified |

-| 4/5/2023 | [eDiscovery (Premium) workflow for content in Microsoft Teams](/microsoft-365/compliance/ediscovery-teams-workflow?view=o365-worldwide) | modified |

-| 4/5/2023 | [Minimum versions for sensitivity labels in Microsoft 365 Apps](/microsoft-365/compliance/sensitivity-labels-versions?view=o365-worldwide) | modified |

-| 4/6/2023 | [Use Content Search in Microsoft Teams](/microsoft-365/compliance/ediscovery-teams-content-search?view=o365-worldwide) | modified |

-| 4/6/2023 | [Place a Microsoft Teams user or team on legal hold](/microsoft-365/compliance/ediscovery-teams-legal-hold?view=o365-worldwide) | modified |

-| 4/6/2023 | Frequently asked questions on tamper protection | removed |

-| 4/7/2023 | [Upgrade your Office 2010 to Microsoft 365 - Microsoft 365 admin](/microsoft-365/admin/setup/upgrade-users-to-latest-office-client?view=o365-worldwide) | modified |

-| 4/7/2023 | [Virtual Appointments with Teams - Integration into Epic EHR](/microsoft-365/frontline/ehr-admin-epic?view=o365-worldwide) | modified |

-| 4/7/2023 | [Configure anti-malware policies](/microsoft-365/security/office-365-security/anti-malware-policies-configure?view=o365-worldwide) | modified |

-| 4/7/2023 | [Configure anti-phishing policies in EOP](/microsoft-365/security/office-365-security/anti-phishing-policies-eop-configure?view=o365-worldwide) | modified |

-| 4/7/2023 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure?view=o365-worldwide) | modified |

-| 4/7/2023 | [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) | modified |

-| 4/7/2023 | [Protect against threats in Microsoft Defender for Office 365, Anti-malware, Anti-Phishing, Anti-spam, Safe links, Safe attachments, Zero-hour auto purge (ZAP), MDO security configuration](/microsoft-365/security/office-365-security/protect-against-threats?view=o365-worldwide) | modified |

-| 4/7/2023 | [Quarantined messages FAQ](/microsoft-365/security/office-365-security/quarantine-faq?view=o365-worldwide) | modified |

-| 4/7/2023 | [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide) | modified |

-| 4/7/2023 | [Quarantine notifications (end-user spam notifications) in Microsoft 365](/microsoft-365/security/office-365-security/quarantine-quarantine-notifications?view=o365-worldwide) | modified |

-| 4/7/2023 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide) | modified |

-| 4/7/2023 | [Set up Safe Attachments policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-attachments-policies-configure?view=o365-worldwide) | modified |

-| 4/7/2023 | [Zero-hour auto purge in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide) | modified |

-| 4/7/2023 | [Overview of the Tenants page in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-tenants-page-overview?view=o365-worldwide) | modified |

-## Week of March 27, 2023

-| Published On |Topic title | Change |

-|||--|

-| 3/29/2023 | [Customize a SharePoint team site for file storage and sharing](/microsoft-365/admin/setup/customize-team-site?view=o365-worldwide) | modified |

-| 3/29/2023 | [Install Microsoft 365 apps](/microsoft-365/admin/setup/install-applications?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set up OneDrive file storage and sharing](/microsoft-365/admin/setup/set-up-file-storage-and-sharing?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set up mobile devices for Microsoft 365 for business users](/microsoft-365/admin/setup/set-up-mobile-devices?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set up Microsoft 365 Apps for business](/microsoft-365/admin/setup/setup-apps-for-business?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set up Microsoft 365 Business Standard with a new or existing domain](/microsoft-365/admin/setup/setup-business-standard?view=o365-worldwide) | modified |

-| 3/29/2023 | [Invite users to a Microsoft 365 business subscription](/microsoft-365/admin/simplified-signup/admin-invite-business-standard?view=o365-worldwide) | modified |

-| 3/29/2023 | [Contracts FAQ](/microsoft-365/commerce/licenses/contracts-faq?view=o365-worldwide) | modified |

-| 3/29/2023 | [Manage auto-claim policies](/microsoft-365/commerce/licenses/manage-auto-claim-policies?view=o365-worldwide) | modified |

-| 3/29/2023 | [Microsoft 365 Multi-Tenant Organization People Search](/microsoft-365/enterprise/multi-tenant-people-search?view=o365-worldwide) | modified |

-| 3/27/2023 | [Upgrade (preview), close, reopen, or delete eDiscovery (Standard) cases](/microsoft-365/compliance/ediscovery-close-reopen-delete-cases?view=o365-worldwide) | modified |

-| 3/27/2023 | [Microsoft 365 admin center Visio activity ](/microsoft-365/admin/activity-reports/visio-activity?view=o365-worldwide) | added |

-| 3/27/2023 | [Set up multifactor authentication for users](/microsoft-365/admin/security-and-compliance/set-up-multi-factor-authentication?view=o365-worldwide) | modified |

-| 3/27/2023 | [Customize what happens at the end of the retention period](/microsoft-365/compliance/retention-label-flow?view=o365-worldwide) | modified |

-| 3/27/2023 | [Manage exclusions for Microsoft Defender for Endpoint and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/defender-endpoint-antivirus-exclusions?view=o365-worldwide) | modified |

-| 3/27/2023 | [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) | modified |

-| 3/28/2023 | [Setup overview for Microsoft 365 for Campaigns](/microsoft-365/business-premium/m365-campaigns-setup?view=o365-worldwide) | modified |

-| 3/28/2023 | [Protect your administrator accounts with Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-protect-admin-accounts?view=o365-worldwide) | modified |

-| 3/28/2023 | [Welcome to Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-setup-overview?view=o365-worldwide) | modified |

-| 3/28/2023 | [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-worldwide) | modified |

-| 3/28/2023 | [Microsoft 365 Business Premium frequently asked questions](/microsoft-365/business-premium/microsoft-365-business-faqs?view=o365-worldwide) | modified |

-| 3/28/2023 | [What happens to my data and access when my subscription ends?](/microsoft-365/commerce/subscriptions/what-if-my-subscription-expires?view=o365-worldwide) | modified |

-| 3/28/2023 | [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-worldwide) | modified |

-| 3/28/2023 | [Microsoft Defender Threat Intelligence in Microsoft 365 Defender](/microsoft-365/security/defender/defender-threat-intelligence?view=o365-worldwide) | added |

-| 3/28/2023 | [Microsoft Defender for Office 365 support for Microsoft Teams (Preview)](/microsoft-365/security/office-365-security/mdo-support-teams-about?view=o365-worldwide) | added |

-| 3/28/2023 | [User reported message settings in Teams](/microsoft-365/security/office-365-security/submissions-teams?view=o365-worldwide) | added |

-| 3/28/2023 | [The Teams Message Entity Panel in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/teams-message-entity-panel?view=o365-worldwide) | added |

-| 3/28/2023 | [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files?view=o365-worldwide) | modified |

-| 3/28/2023 | [Zero-hour auto purge in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide) | modified |

-| 3/28/2023 | [Learn about Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide) | modified |

-| 3/28/2023 | [Configure and view alerts for DLP policies](/microsoft-365/compliance/dlp-configure-view-alerts-policies?view=o365-worldwide) | modified |

-| 3/28/2023 | [Configure endpoint DLP settings](/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide) | modified |

-| 3/28/2023 | [Data Loss Prevention policy reference](/microsoft-365/compliance/dlp-policy-reference?view=o365-worldwide) | modified |

-| 3/28/2023 | [Anti-spam message headers](/microsoft-365/security/office-365-security/message-headers-eop-mdo?view=o365-worldwide) | modified |

-| 3/28/2023 | [Migrate to Microsoft Defender for Office 365 Phase 2: Setup](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-setup?view=o365-worldwide) | modified |

-| 3/28/2023 | [Outbound delivery pools](/microsoft-365/security/office-365-security/outbound-spam-high-risk-delivery-pool-about?view=o365-worldwide) | modified |

-| 3/28/2023 | [Step-by-step threat protection stack in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/protection-stack-microsoft-defender-for-office365?view=o365-worldwide) | modified |

-| 3/28/2023 | [Threat Explorer and Real-time detections basics in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/real-time-detections?view=o365-worldwide) | modified |

-| 3/28/2023 | [Remediate malicious email that was delivered in Office 365](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365?view=o365-worldwide) | modified |

-| 3/28/2023 | [Complete Safe Links overview for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/safe-links-about?view=o365-worldwide) | modified |

-| 3/28/2023 | [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-worldwide) | modified |

-| 3/28/2023 | [Steps to quickly set up the Standard or Strict preset security policies for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/step-by-step-guides/ensuring-you-always-have-the-optimal-security-controls-with-preset-security-policies?view=o365-worldwide) | modified |

-| 3/28/2023 | [Reduce the attack surface for Microsoft Teams](/microsoft-365/security/office-365-security/step-by-step-guides/reducing-attack-surface-in-microsoft-teams?view=o365-worldwide) | modified |

-| 3/28/2023 | [Recommended Teams policies - Microsoft 365 for enterprise \| Microsoft Docs](/microsoft-365/security/office-365-security/teams-access-policies?view=o365-worldwide) | modified |

-| 3/28/2023 | [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work?view=o365-worldwide) | modified |

-| 3/28/2023 | [Get started with Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide) | modified |

-| 3/28/2023 | [Manage active content in Office documents for IT admins](/microsoft-365/security/active-content-in-trusted-docs?view=o365-worldwide) | modified |

-| 3/28/2023 | [Configure Microsoft Defender for Endpoint on Android risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-worldwide) | modified |

-| 3/28/2023 | [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-worldwide) | modified |

-| 3/28/2023 | [Attack surface reduction frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/attack-surface-reduction-faq?view=o365-worldwide) | modified |

-| 3/28/2023 | [Enable attack surface reduction (ASR) rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-implement?view=o365-worldwide) | modified |

-| 3/28/2023 | [Batch Update alert entities API](/microsoft-365/security/defender-endpoint/batch-update-alerts?view=o365-worldwide) | modified |

-| 3/28/2023 | [Cloud protection and sample submission at Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide) | modified |

-| 3/28/2023 | [Alert grading for suspicious inbox forwarding rules](/microsoft-365/security/defender/alert-grading-playbook-inbox-forwarding-rules?view=o365-worldwide) | modified |

-| 3/28/2023 | [Device profile in Microsoft 365 security portal](/microsoft-365/security/defender/device-profile?view=o365-worldwide) | modified |

-| 3/28/2023 | [Enable the evaluation environment for Microsoft Defender for Office 365 in your production environment](/microsoft-365/security/defender/eval-defender-office-365-enable-eval?view=o365-worldwide) | modified |

-| 3/28/2023 | [Step 5. Develop and test use cases](/microsoft-365/security/defender/integrate-microsoft-365-defender-secops-use-cases?view=o365-worldwide) | modified |

-| 3/28/2023 | [Responding to ransomware attacks](/microsoft-365/security/defender/playbook-responding-ransomware-m365-defender?view=o365-worldwide) | modified |

-| 3/28/2023 | [Onboard macOS devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-macos-overview?view=o365-worldwide) | modified |

-| 3/28/2023 | [Onboard Windows 10 or Windows 11 devices into Microsoft 365 overview](/microsoft-365/compliance/device-onboarding-overview?view=o365-worldwide) | modified |

-| 3/29/2023 | [Use retention labels to manage SharePoint document lifecycle](/microsoft-365/compliance/auto-apply-retention-labels-scenario?view=o365-worldwide) | modified |

-| 3/29/2023 | [Start retention when an event occurs](/microsoft-365/compliance/event-driven-retention?view=o365-worldwide) | modified |

-| 3/29/2023 | [Add apps overview for Microsoft Intune](/microsoft-365/solutions/apps-add-overview?view=o365-worldwide) | added |

-| 3/29/2023 | [Step 1. Assess app requirements](/microsoft-365/solutions/apps-add-step-1?view=o365-worldwide) | added |

-| 3/29/2023 | [Step 2. Create and edit categories for apps](/microsoft-365/solutions/apps-add-step-2?view=o365-worldwide) | added |

-| 3/29/2023 | [Step 3. Purchase apps](/microsoft-365/solutions/apps-add-step-3?view=o365-worldwide) | added |

-| 3/29/2023 | [Step 4. Add apps to Intune](/microsoft-365/solutions/apps-add-step-4?view=o365-worldwide) | added |

-| 3/29/2023 | [Step 5. Manage apps and licenses](/microsoft-365/solutions/apps-add-step-5?view=o365-worldwide) | added |

-| 3/29/2023 | [Purchase and add apps for Microsoft Intune](/microsoft-365/solutions/apps-guide-overview?view=o365-worldwide) | added |

-| 3/29/2023 | [Manage app licenses used in Intune](/microsoft-365/solutions/apps-license-manage?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand app licenses used in Intune](/microsoft-365/solutions/apps-license-overview?view=o365-worldwide) | added |

-| 3/29/2023 | [Purchase apps for Intune](/microsoft-365/solutions/apps-purchase-overview?view=o365-worldwide) | added |

-| 3/29/2023 | [Purchase store apps in Intune](/microsoft-365/solutions/apps-purchase-store?view=o365-worldwide) | added |

-| 3/29/2023 | [Purchase apps in-volume for Intune](/microsoft-365/solutions/apps-purchase-volume?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand built-in apps for Intune](/microsoft-365/solutions/apps-type-built-in?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand line-of-business apps for your managed environment](/microsoft-365/solutions/apps-type-lob?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand Microsoft apps for Intune](/microsoft-365/solutions/apps-type-microsoft?view=o365-worldwide) | added |

-| 3/29/2023 | [Overview of app types available for managed environments](/microsoft-365/solutions/apps-type-overview?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand store apps for your managed environment](/microsoft-365/solutions/apps-type-store?view=o365-worldwide) | added |

-| 3/29/2023 | [Understand web apps for Intune](/microsoft-365/solutions/apps-type-web?view=o365-worldwide) | added |

-| 3/28/2023 | [Manage and monitor priority accounts](/microsoft-365/admin/setup/priority-accounts?view=o365-worldwide) | modified |

-| 3/28/2023 | [France national ID card (CNI) entity definition](/microsoft-365/compliance/sit-defn-france-national-id-card?view=o365-worldwide) | modified |

-| 3/28/2023 | [Indonesia identity card (KTP) number entity definition](/microsoft-365/compliance/sit-defn-indonesia-identity-card-number?view=o365-worldwide) | modified |

-| 3/28/2023 | [Portugal citizen card number entity definition](/microsoft-365/compliance/sit-defn-portugal-citizen-card-number?view=o365-worldwide) | modified |

-| 3/28/2023 | [Add several users at the same time to Microsoft 365 - Admin Help](/microsoft-365/enterprise/add-several-users-at-the-same-time?view=o365-worldwide) | modified |

-| 3/28/2023 | [Specify the cloud protection level for Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/specify-cloud-protection-level-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 3/28/2023 | [Configure teams with protection for highly sensitive data](/microsoft-365/solutions/configure-teams-highly-sensitive-protection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Zero Trust with Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/zero-trust-with-microsoft-defender-endpoint?view=o365-worldwide) | added |

-| 3/29/2023 | [BehaviorEntities table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-behaviorentities-table?view=o365-worldwide) | added |

-| 3/29/2023 | [BehaviorInfo table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-behaviorinfo-table?view=o365-worldwide) | added |

-| 3/29/2023 | [Zero Trust with Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-trust-with-microsoft-365-defender-office-365?view=o365-worldwide) | added |

-| 3/29/2023 | [Manage device access settings in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/manage-device-access-settings?view=o365-worldwide) | modified |

-| 3/29/2023 | [Cortana in Microsoft 365](/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide) | modified |

-| 3/29/2023 | [Upgrade your Office 2010 to Microsoft 365 - Microsoft 365 admin](/microsoft-365/admin/setup/upgrade-users-to-latest-office-client?view=o365-worldwide) | modified |

-| 3/29/2023 | [Get started with Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-getting-started?view=o365-worldwide) | modified |

-| 3/29/2023 | [Common Microsoft Defender for Endpoint API errors](/microsoft-365/security/defender-endpoint/common-errors?view=o365-worldwide) | modified |

-| 3/29/2023 | [Advanced deployment guidance for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/comprehensive-guidance-on-linux-deployment?view=o365-worldwide) | modified |

-| 3/29/2023 | [Enable Conditional Access to better protect users, devices, and data](/microsoft-365/security/defender-endpoint/conditional-access?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure device discovery](/microsoft-365/security/defender-endpoint/configure-device-discovery?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure exclusions for files opened by specific processes](/microsoft-365/security/defender-endpoint/configure-process-opened-file-exclusions-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure Microsoft Defender Antivirus exclusions on Windows Server](/microsoft-365/security/defender-endpoint/configure-server-exclusions-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure vulnerability email notifications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-vulnerability-email-notifications?view=o365-worldwide) | modified |

-| 3/29/2023 | [Deploy Microsoft Defender for Endpoint in rings](/microsoft-365/security/defender-endpoint/deployment-rings?view=o365-worldwide) | modified |

-| 3/29/2023 | [Device discovery frequently asked questions](/microsoft-365/security/defender-endpoint/device-discovery-faq?view=o365-worldwide) | modified |

-| 3/29/2023 | [Device discovery overview](/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide) | modified |

-| 3/29/2023 | [Enable attack surface reduction rules](/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction?view=o365-worldwide) | modified |

-| 3/29/2023 | [Turn on exploit protection to help mitigate against attacks](/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Exploit protection reference](/microsoft-365/security/defender-endpoint/exploit-protection-reference?view=o365-worldwide) | modified |

-| 3/29/2023 | [Apply mitigations to help prevent attacks through vulnerabilities](/microsoft-365/security/defender-endpoint/exploit-protection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Find devices by tag API](/microsoft-365/security/defender-endpoint/find-machines-by-tag?view=o365-worldwide) | modified |

-| 3/29/2023 | [List machines API](/microsoft-365/security/defender-endpoint/get-machines?view=o365-worldwide) | modified |

-| 3/29/2023 | [Become a Microsoft Defender for Endpoint partner](/microsoft-365/security/defender-endpoint/get-started-partner-integration?view=o365-worldwide) | modified |

-| 3/29/2023 | [Investigate connection events that occur behind forward proxies](/microsoft-365/security/defender-endpoint/investigate-behind-proxy?view=o365-worldwide) | modified |

-| 3/29/2023 | [Investigate a user account in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-user?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set preferences for Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-preferences?view=o365-worldwide) | modified |

-| 3/29/2023 | [Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-install-with-other-mdm?view=o365-worldwide) | modified |

-| 3/29/2023 | [Set preferences for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-preferences?view=o365-worldwide) | modified |

-| 3/29/2023 | [Create indicators](/microsoft-365/security/defender-endpoint/manage-indicators?view=o365-worldwide) | modified |

-| 3/29/2023 | [Migrating servers from Microsoft Defender for Endpoint to Microsoft Defender for Cloud](/microsoft-365/security/defender-endpoint/migrating-mde-server-to-cloud?view=o365-worldwide) | modified |

-| 3/29/2023 | [Network device discovery and vulnerability management](/microsoft-365/security/defender-endpoint/network-devices?view=o365-worldwide) | modified |

-| 3/29/2023 | [Run live response commands on a device](/microsoft-365/security/defender-endpoint/run-live-response?view=o365-worldwide) | modified |

-| 3/29/2023 | [Troubleshoot Microsoft Defender for Endpoint service issues](/microsoft-365/security/defender-endpoint/troubleshoot-mdatp?view=o365-worldwide) | modified |

-| 3/29/2023 | [Microsoft Defender Antivirus event IDs and error codes](/microsoft-365/security/defender-endpoint/troubleshoot-microsoft-defender-antivirus?view=o365-worldwide) | modified |

-| 3/29/2023 | [Troubleshoot Microsoft Defender for Endpoint onboarding issues](/microsoft-365/security/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide) | modified |

-| 3/29/2023 | [Troubleshoot onboarding issues related to Security Management for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/troubleshoot-security-config-mgt?view=o365-worldwide) | modified |

-| 3/29/2023 | [Block vulnerable applications](/microsoft-365/security/defender-vulnerability-management/tvm-block-vuln-apps?view=o365-worldwide) | modified |

-| 3/29/2023 | [Create and view exceptions for security recommendations](/microsoft-365/security/defender-vulnerability-management/tvm-exception?view=o365-worldwide) | modified |

-| 3/29/2023 | [Remediate vulnerabilities](/microsoft-365/security/defender-vulnerability-management/tvm-remediation?view=o365-worldwide) | modified |

-| 3/29/2023 | [Zero Trust with Microsoft 365 Defender](/microsoft-365/security/defender/zero-trust-with-microsoft-365-defender?view=o365-worldwide) | modified |

-| 3/29/2023 | [Prevent malware infection](/microsoft-365/security/intelligence/prevent-malware-infection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Tech Support Scams](/microsoft-365/security/intelligence/support-scams?view=o365-worldwide) | modified |

-| 3/29/2023 | [Zero Trust deployment plan with Microsoft 365](/microsoft-365/security/microsoft-365-zero-trust?view=o365-worldwide) | modified |

-| 3/29/2023 | [Remediation actions in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/air-remediation-actions?view=o365-worldwide) | modified |

-| 3/29/2023 | [How EOP validates the From address to prevent phishing](/microsoft-365/security/office-365-security/anti-phishing-from-email-address-validation?view=o365-worldwide) | modified |

-| 3/29/2023 | [Attack simulation training deployment considerations and FAQ](/microsoft-365/security/office-365-security/attack-simulation-training-faq?view=o365-worldwide) | modified |

-| 3/29/2023 | [Protection features in Azure Information Protection rolling out to existing tenants](/microsoft-365/security/office-365-security/azure-ip-protection-features?view=o365-worldwide) | modified |

-| 3/29/2023 | [Create safe sender lists](/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365?view=o365-worldwide) | modified |

-| 3/29/2023 | [Detect and remediate the Outlook rules and custom forms injections attacks.](/microsoft-365/security/office-365-security/detect-and-remediate-outlook-rules-forms-attack?view=o365-worldwide) | modified |

-| 3/29/2023 | [Troubleshooting mail sent to Microsoft 365](/microsoft-365/security/office-365-security/mail-flow-troubleshooting?view=o365-worldwide) | modified |

-| 3/29/2023 | [Microsoft Defender for Office 365 email entity page](/microsoft-365/security/office-365-security/mdo-email-entity-page?view=o365-worldwide) | modified |

-| 3/29/2023 | [Landing pages in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-landing-pages?view=o365-worldwide) | added |

-| 3/29/2023 | [End-user notifications for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-end-user-notifications?view=o365-worldwide) | modified |

-| 3/29/2023 | [Get started using Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-get-started?view=o365-worldwide) | modified |

-| 3/29/2023 | [Insights and reports Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-insights?view=o365-worldwide) | modified |

-| 3/29/2023 | [Login pages in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-login-pages?view=o365-worldwide) | modified |

-| 3/29/2023 | [Payload automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations?view=o365-worldwide) | modified |

-| 3/29/2023 | [Payloads in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-payloads?view=o365-worldwide) | modified |

-| 3/29/2023 | [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-worldwide) | modified |

-| 3/29/2023 | [Simulate a phishing attack with Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulations?view=o365-worldwide) | modified |

-| 3/29/2023 | [Training campaigns in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-training-campaigns?view=o365-worldwide) | modified |

-| 3/29/2023 | [Microsoft Defender for Office 365 support for Microsoft Teams (Preview)](/microsoft-365/security/office-365-security/mdo-support-teams-about?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure teams with protection for highly sensitive data](/microsoft-365/solutions/configure-teams-highly-sensitive-protection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Configure teams with protection for sensitive data](/microsoft-365/solutions/configure-teams-sensitive-protection?view=o365-worldwide) | modified |

-| 3/29/2023 | [Determine if Centralized Deployment of add-ins works for your organization](/microsoft-365/admin/manage/centralized-deployment-of-add-ins?view=o365-worldwide) | modified |

-| 3/29/2023 | [How to secure your business data with Microsoft 365](/microsoft-365/business-premium/secure-your-business-data?view=o365-worldwide) | modified |

-| 3/29/2023 | [Resources for Microsoft partners working with small and medium-sized businesses](/microsoft-365/security/defender-business/mdb-partners?view=o365-worldwide) | modified |

-| 3/30/2023 | [Data Loss Prevention policy tips reference](/microsoft-365/compliance/dlp-policy-tips-reference?view=o365-worldwide) | modified |

-| 3/30/2023 | [Virtual Appointments with Teams - Integration into Oracle Health EHR](/microsoft-365/frontline/ehr-admin-oracle-health?view=o365-worldwide) | modified |

-| 3/30/2023 | [Simulation automations for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations?view=o365-worldwide) | modified |

-| 3/30/2023 | [Microsoft Teams in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-teams?view=o365-worldwide) | added |

-| 3/30/2023 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified |

-| 3/31/2023 | [macOS Device control policies frequently asked questions (FAQ)](/microsoft-365/security/defender-endpoint/mac-device-control-faq?view=o365-worldwide) | added |

-| 3/31/2023 | [Endpoint detection and response in block mode](/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide) | modified |

-| 3/31/2023 | [Deploy and manage Device Control using Intune](/microsoft-365/security/defender-endpoint/mac-device-control-intune?view=o365-worldwide) | modified |

-| 3/31/2023 | [Deploy and manage device control using JAMF](/microsoft-365/security/defender-endpoint/mac-device-control-jamf?view=o365-worldwide) | modified |

-| 3/31/2023 | [Device control for macOS](/microsoft-365/security/defender-endpoint/mac-device-control-overview?view=o365-worldwide) | modified |

-| 3/31/2023 | [Errors during admin submissions](/microsoft-365/security/office-365-security/submissions-error-messages?view=o365-worldwide) | modified |

-| 3/31/2023 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified |

-| 3/31/2023 | [Overview of Copilot for Microsoft Syntex](/microsoft-365/syntex/syntex-copilot) | modified |

-| 3/31/2023 | [Turn pronouns on or off for your organization in the Microsoft 365 admin center](/microsoft-365/admin/add-users/turn-pronouns-on-or-off?view=o365-worldwide) | modified |

-| 3/31/2023 | [Use communication compliance reports and audits](/microsoft-365/compliance/communication-compliance-reports-audits?view=o365-worldwide) | modified |

-| 3/31/2023 | [What's new in Microsoft Purview risk and compliance solutions](/microsoft-365/compliance/whats-new?view=o365-worldwide) | modified |

-| 3/31/2023 | [Service advisories for auto-expanding archive utilization in Exchange Online monitoring](/microsoft-365/enterprise/microsoft-365-exo-archive-advisory?view=o365-worldwide) | modified |

-| 3/31/2023 | [Printer Protection frequently asked questions](/microsoft-365/security/defender-endpoint/printer-protection-frequently-asked-questions?view=o365-worldwide) | modified |

-| 3/31/2023 | [Schedule regular quick and full scans with Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/schedule-antivirus-scans?view=o365-worldwide) | modified |

-```bash

-echo -c >> /etc/audit/rules.d/audit.rules

-augenrules --load

-```

-## Application installation (macOS 10.15)

-To complete this process, you must have admin privileges on the device.

-1. Navigate to the downloaded wdav.pkg in Finder and open it.

- :::image type="content" source="images/mdatp-28-appinstall.png" alt-text="The installation of the application" lightbox="images/mdatp-28-appinstall.png":::

-2. Select **Continue**, agree with the License terms, and enter the password when prompted.

- :::image type="content" source="images/mdatp-29-appinstalllogin.png" alt-text="The application installation" lightbox="images/mdatp-29-appinstalllogin.png":::

- > [!IMPORTANT]

- > You will be prompted to allow a driver from Microsoft to be installed (either "System Extension Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed.

- :::image type="content" source="images/mdatp-30-systemextension.png" alt-text="The application's installation" lightbox="images/mdatp-30-systemextension.png":::

-3. Select **Open Security Preferences** or **Open System Preferences > Security & Privacy**. Select **Allow**:

- :::image type="content" source="images/mdatp-31-securityprivacysettings.png" alt-text="The Security and privacy window" lightbox="images/mdatp-31-securityprivacysettings.png":::

- The installation proceeds.

- > [!CAUTION]

- > If you don't select **Allow**, the installation will proceed after 5 minutes. Microsoft Defender for Endpoint will be loaded, but some features, such as real-time protection, will be disabled. See [Troubleshoot kernel extension issues](mac-support-kext.md) for information on how to resolve this.

-> [!NOTE]

-> macOS may request to reboot the device upon the first installation of Microsoft Defender for Endpoint. Real-time protection will not be available until the device is rebooted.

-7. [Approve Kernel extension for Microsoft Defender for Endpoint](#step-7-approve-kernel-extension-for-microsoft-defender-for-endpoint)

-8. [Approve System extensions for Microsoft Defender for Endpoint](#step-8-approve-system-extensions-for-microsoft-defender-for-endpoint)

-9. [Configure Network Extension](#step-9-configure-network-extension)

-10. [Configure Background Services](#step-10-configure-background-services)

-11. [Schedule scans with Microsoft Defender for Endpoint on macOS](/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp)

-12. [Deploy Microsoft Defender for Endpoint on macOS](#step-12-deploy-microsoft-defender-for-endpoint-on-macos)

-## Step 7: Approve Kernel extension for Microsoft Defender for Endpoint

-> [!CAUTION]

-> Apple Silicon (M1) devices do not support KEXT. Installation of a configuration profile consisting KEXT policies will fail on these devices.

-1. In the **Configuration Profiles**, select **+ New**.

- :::image type="content" source="images/6c8b406ee224335a8c65d06953dc756e.png" alt-text="The social media post Description automatically generated." lightbox="images/6c8b406ee224335a8c65d06953dc756e.png":::

-2. Enter the following details on the **General** tab:

- - Name: MDATP MDAV Kernel Extension

- - Description: MDATP kernel extension (kext)

- - Category: None

- - Distribution Method: Install Automatically

- - Level: Computer Level

- :::image type="content" source="images/24e290f5fc309932cf41f3a280d22c14.png" alt-text="The configuration settings mdatpmdav kernel." lightbox="images/24e290f5fc309932cf41f3a280d22c14.png":::

-3. In **Configure Approved Kernel Extensions** select **Configure**.

- :::image type="content" source="images/30be88b63abc5e8dde11b73f1b1ade6a.png" alt-text="The page displaying the configuration settings approved kernel extensions." lightbox="images/30be88b63abc5e8dde11b73f1b1ade6a.png":::

-4. In **Approved Kernel Extensions**, enter the following details:

- - Display Name: Microsoft Corp.

- - Team ID: UBF8T346G9

- :::image type="content" source="images/39cf120d3ac3652292d8d1b6d057bd60.png" alt-text="The Approved Kernel Extensions pane." lightbox="images/39cf120d3ac3652292d8d1b6d057bd60.png":::

-5. Select the **Scope** tab.

- :::image type="content" source="images/0df36fc308ba569db204ee32db3fb40a.png" alt-text="The Scope tab for the configuration." lightbox="images/0df36fc308ba569db204ee32db3fb40a.png":::

-6. Select **+ Add**.

-7. Select **Computer Groups** > under **Group Name** > select **Contoso's Machine Group**.

-8. Select **+ Add**.

- :::image type="content" source="images/0dde8a4c41110dbc398c485433a81359.png" alt-text="The page on which you define additional values for the configuration settings." lightbox="images/0dde8a4c41110dbc398c485433a81359.png":::

-9. Select **Save**.

- :::image type="content" source="images/0add8019b85a453b47fa5c402c72761b.png" alt-text="The MDATP MDAV Kernel extension." lightbox="images/0add8019b85a453b47fa5c402c72761b.png":::

-10. Select **Done**.

- :::image type="content" source="images/1c9bd3f68db20b80193dac18f33c22d0.png" alt-text="The Configuration Profiles details page." lightbox="images/1c9bd3f68db20b80193dac18f33c22d0.png":::

-Alternatively, you can download [kext.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/kext.mobileconfig) and upload it to JAMF Configuration Profiles as described in [Deploying Custom Configuration Profiles using Jamf Pro|Method 2: Upload a Configuration Profile to Jamf Pro](https://www.jamf.com/jamf-nation/articles/648/deploying-custom-configuration-profiles-using-jamf-pro).

-## Step 8: Approve System extensions for Microsoft Defender for Endpoint

-## Step 9: Configure Network Extension

-## Step 10: Configure Background Services

-## Step 11: Schedule scans with Microsoft Defender for Endpoint on macOS

-## Step 12: Deploy Microsoft Defender for Endpoint on macOS

-description: Learn bout onboarding Windows devices to Defender for Endpoint in Azure Virtual Desktop

-Defender for Identity pulls tags out of Active Directory to give you a single interface for monitoring your Active Directory users and entities. These tags provide you with information about the entity from Active Directory, including:

-If your organization has Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2, which includes [Threat Investigation and Response capabilities](office-365-ti.md), you can use Attack simulation training in the Microsoft 365 Defender portal to run realistic attack scenarios in your organization. These simulated attacks can help you identify and find vulnerable users before a real attack impacts your bottom line. Read this article to learn more.

-

-In Microsoft 365 organizations with mailboxes in Exchange Online or Microsoft Teams, or in standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes or Teams, quarantine holds potentially dangerous or unwanted messages that were detected by EOP and Defender for Office 365.

- - Select the message from the list by selecting the check box next to the first column. The available actions are no longer grayed out.

-For the preview release, this feature is enabled by default.

-> [!NOTE]

-> Quarantine in Microsoft Teams is available only to customers with Microsoft Defender for Office 365 E5 and Defender for Office P2 subscriptions.

- :::image type="content" source="../../media/admin-quarantine-teams-message-tab.png" alt-text="Screenshot of the Teams messages tab in quarantine." lightbox="../../media/admin-quarantine-teams-message-tab.png":::

- - Select the message from the list by selecting the check box next to the first column. The available actions are no longer grayed out.

- - Select the message from the list by selecting the check box next to the first column. The available actions are no longer grayed out.

- - **Limited access**: The individual permissions that are included in this permission group are described in the [Appendix](#appendix) section. Basically, users can do anything to their quarantined messages except release them from quarantine without admin approval.

- > [!Note]

-description: Admins can learn how to find and use the email security reports that are available in the Microsoft 365 Defender portal. This article helps answer the question What is the The Threat protection status report in Microsoft Defender for Office 365?

- On the **Advanced delivery** page, verify that the **SecOps mailbox** tab is selected.

- On the **Advanced delivery** page, verify that the **SecOps mailbox** tab is selected.

- On the **Advanced delivery** page, select the **Phishing simulation** tab.

- On the **Advanced delivery** page, select the **Phishing simulation** tab.

-description: The steps to handle legitimate email getting blocked(False Positive) by Microsoft Defender for Office 365 in order to prevent lose of business.

-search.product:

-search.product:

-search.product:

-search.product:

-search.product:

-search.product:

-search.product:

-description: Describes the Teams Message Entity Panel for Microsoft Teams in Microsoft Defender for Office 365, how it does post-breach work like ZAP and Safelinks and gives admins a single pane of glass on Teams chat and channel threats like suspicious URLs.

-The **message details** section contains the threats suspected, confidence level, and the message location. This is also the location where admins can view the sender address, the time the message was recieved and the detection technology. It also includes the Teams Message ID, which can be used as an indentifer of a Teams message in Microsoft Defender for Office 365.

-> Allow entries of this pattern are supported only from [advanced delivery configuration](skip-filtering-phishing-simulations-sec-ops-mailboxes.md).

-> Allow entries of this pattern are supported only from [advanced delivery configuration](skip-filtering-phishing-simulations-sec-ops-mailboxes.md).

-> Allow entries of this pattern are supported only from [advanced delivery configuration](skip-filtering-phishing-simulations-sec-ops-mailboxes.md).

-> Allow entries of this pattern are supported only from [advanced delivery configuration](skip-filtering-phishing-simulations-sec-ops-mailboxes.md).

-If your organization has [Microsoft Defender for Office 365](defender-for-office-365.md), and you have the [necessary permissions](#required-licenses-and-permissions), you have either **Explorer** or **Real-time detections** (formerly *Real-time reports* ΓÇö [see what's new](#new-features-in-threat-explorer-and-real-time-detections)!).