Updates from: 08/01/2023 03:15:31
Category Microsoft Docs article Related commit history on GitHub Change details
threat-intelligence Gathering Threat Intelligence And Infrastructure Chaining https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/defender/threat-intelligence/gathering-threat-intelligence-and-infrastructure-chaining.md
But because our virtual users capture the DOM and find all the dynamic links and
![Tutorial Infra Chain My Piltowcom 2 Whois](media/tutorialInfraChainMyPiltowcom2Whois.png) 2. mypiltow[.]com
- 3. If you select the Whois record from October of 2018, you will find that mypiltow[.]com was registered in Hong Kong, China and is privacy protected by Domain ID Shield Service CO.
+ 3. If you select the Whois record from October of 2018, you will find that mypiltow[.]com was registered in Hong Kong SAR, China and is privacy protected by Domain ID Shield Service CO.
4. mypiltow[.]comΓÇÖs registrar is OnlineNIC, Inc. ![Tutorial Infra Chain My Piltowcom 2 Whois](media/tutorialInfraChainMyPiltowcom2Whois.png)
admin About Shared Mailboxes https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/about-shared-mailboxes.md
Before you [create a shared mailbox](create-a-shared-mailbox.md), here are some
- **Signing in:** A shared mailbox is not intended for direct sign-in by its associated user account. You should always block sign-in for the shared mailbox account and keep it blocked. -- **Too many users:** When there are too many designated users concurrently accessing a shared mailbox (no more than 25 is recommended), they may intermittently fail to connect to this mailbox or have inconsistencies like messages being duplicated in the outbox. In this case, you can consider reducing the number of users or using a different workload, such as a Microsoft 365 group or a Public folder.
+- **Too many users:** When there are too many designated users concurrently accessing a shared mailbox (the max supported is 25), they may intermittently fail to connect to this mailbox or have inconsistencies like messages being duplicated in the outbox. In this case, you can consider reducing the number of users or using a different workload, such as a Microsoft 365 group or a Public folder.
- **Message deletion:** Unfortunately, you can't prevent people from deleting messages in a shared mailbox. The only way around this is to [create a Microsoft 365 group](/microsoft-365/admin/create-groups/create-groups) instead of a shared mailbox. A group in Outlook is like a shared mailbox. For a comparison of the two, see [Compare groups](../create-groups/compare-groups.md). To learn more about groups, see [Learn about Microsoft 365 groups](https://support.microsoft.com/office/b565caa1-5c40-40ef-9915-60fdb2d97fa2).
commerce Tax Information https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/tax-information.md
You might qualify for VAT zero-rating if:
- **You're in Armenia, Belarus, Norway, Turkey, or United Arab Emirates:** You can provide your local VAT ID. This entitles Microsoft Ireland Operations Ltd. to VAT zero-rate the transaction. However, you may have a local VAT accounting obligation, so please check with your tax advisors if you have any concerns. For instructions, see [Add your VAT ID](#add-your-vat-id).
-## Asia Pacific countries (APAC)
+## Asia Pacific countries/regions (APAC)
If you're billed by the Microsoft Regional Sales office, "Microsoft Regional Sales Pte. Ltd." appears on your invoice, and you might be charged for any applicable value-added, sales, or similar taxes.
enterprise M365 Dr Workload Other https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/m365-dr-workload-other.md
Use the following guidance to determine where your data is located. Please refer
Please refer to [Azure Active Directory Data Locations](https://aka.ms/aaddatamap). ### Forms
-Tenants in EU member Countries maintain data in Macro Region Geography 1 ΓÇô EMEA. All other tenants have customer data stored in the United States, except Australia. For customers in Australia, Microsoft Forms customer data will be stored at rest in Australia for all new tenants using Forms and existing tenants that have not previously used Forms.
+Tenants in EU member Countries/regions maintain data in Macro Region Geography 1 ΓÇô EMEA. All other tenants have customer data stored in the United States, except Australia. For customers in Australia, Microsoft Forms customer data will be stored at rest in Australia for all new tenants using Forms and existing tenants that have not previously used Forms.
### Intune Refer to endpoint.microsoft.com, Tenant Administration | Tenant Status for existing tenants. If you do not have an existing tenant, create a trial tenant and provision Intune. Microsoft will not store Intune customer data at rest outside the stated geo, except if:
enterprise Microsoft 365 Exchange Monitoring Service Advisories https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-exchange-monitoring-service-advisories.md
+
+ Title: "Service advisories for eDiscovery cmdlet exception spike in Exchange Online monitoring"
+++ Last updated : 07/28/2023
+audience: Admin
++
+ms.localizationpriority: medium
+search.appverid:
+- MET150
+
+- scotvorg
+- Ent_O365
+- Strat_O365_Enterprise
+
+f1.keywords:
+- NOCSH
+description: "Service advisory explains surge in eDiscovery cmdlet exceptions affecting Compliance Search PowerShell cmdlets.."
+++
+# Service advisories for eDiscovery cmdlet exception spike in Exchange Online monitoring
+
+We've released a new Exchange Online service advisory that informs you regarding spike in eDiscovery cmdlet exceptions. The purpose of these advisories is to provide visibility into reasons behind user difficulties in submitting Compliance Search PowerShell cmdlets.
+
+These service advisories are displayed in the Microsoft 365 admin center. To view these service advisories, go to **Health** > **Service health** > **Exchange Online**. Here's an example of eDiscovery service advisory.
+
+![Ediscovery Service Advisory.](../media/Microsoft-365-ediscovery-service-advisory.png)
+
+## What does this service advisory indicate?
+
+The advisory informs administrators about the issue and its potential impact on eDiscovery operations. It highlights that users encounter errors when executing Compliance Search cmdlets due to invalid search queries which can hinder their ability to perform necessary eDiscovery tasks effectively.
+
+For guidance on how to create a compliance search query, please reference: [New-ComplianceSearch (ExchangePowerShell) | Microsoft Learn](/powershell/module/exchange/new-compliancesearch?view=exchange-ps)
+
+For guidance on keyword queries and search conditions, please reference: [Keyword queries and search conditions for eDiscovery - Microsoft Purview (compliance) | Microsoft Learn](/purview/ediscovery-keyword-queries-and-search-conditions?view=o365-worldwide)
+
+## How often will I see these service advisories?
+
+Once the spike in eDiscovery cmdlet exceptions is resolved, the advisory will be updated accordingly or removed from the service health dashboard.
enterprise Microsoft 365 U S Government Dod Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-dod-endpoints.md
Title: Office 365 US Government DOD endpoints
Previously updated : 06/29/2023 Last updated : 07/31/2023 audience: ITPro
Office 365 requires connectivity to the Internet. The endpoints below should be
|Notes|Download| |||
-|**Last updated:** 06/29/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVDoD?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVDoD?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
+|**Last updated:** 07/31/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVDoD?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVDoD?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
| Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
enterprise Microsoft 365 U S Government Gcc High Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-u-s-government-gcc-high-endpoints.md
Title: "Office 365 U.S. Government GCC High endpoints"
Previously updated : 06/29/2023 Last updated : 07/31/2023 audience: ITPro
Office 365 requires connectivity to the Internet. The endpoints below should be
|Notes|Download| |||
-|**Last updated:** 06/29/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
+|**Last updated:** 07/31/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|
| Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
enterprise Microsoft 365 Vpn Split Tunnel https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-vpn-split-tunnel.md
To help you prevent the accidental disclosure of sensitive information, Microsof
In addition to the tenant restrictions feature noted in Q1, [conditional access policies](/azure/active-directory/conditional-access/overview) can be applied to dynamically assess the risk of an authentication request and react appropriately. Microsoft recommends the [Zero Trust model](https://www.microsoft.com/security/zero-trust?rtc=1) is implemented over time and we can use Azure AD conditional access policies to maintain control in a mobile and cloud-first world. Conditional access policies can be used to make a real-time decision on whether an authentication request is successful based on numerous factors such as: - Device, is the device known/trusted/Domain joined?-- IP ΓÇô is the authentication request coming from a known corporate IP address? Or from a country we do not trust?
+- IP ΓÇô is the authentication request coming from a known corporate IP address? Or from a country/region we do not trust?
- Application ΓÇô Is the user authorized to use this application? We can then trigger policy such as approve, trigger MFA or block authentication based on these policies.
Port 80 is only used for things like redirect to a port 443 session, no customer
### Does this advice apply to users in China using a worldwide instance of Microsoft 365?
-**No**, it does not. The one caveat to the above advice is users in the PRC who are connecting to a worldwide instance of Microsoft 365. Due to the common occurrence of cross border network congestion in the region, direct Internet egress performance can be variable. Most customers in the region operate using a VPN to bring the traffic into the corporate network and utilize their authorized MPLS circuit or similar to egress outside the country via an optimized path. This is outlined further in the article [Microsoft 365 performance optimization for China users](microsoft-365-networking-china.md).
+**No**, it does not. The one caveat to the above advice is users in the PRC who are connecting to a worldwide instance of Microsoft 365. Due to the common occurrence of cross border network congestion in the region, direct Internet egress performance can be variable. Most customers in the region operate using a VPN to bring the traffic into the corporate network and utilize their authorized MPLS circuit or similar to egress outside the country/region via an optimized path. This is outlined further in the article [Microsoft 365 performance optimization for China users](microsoft-365-networking-china.md).
### Does split-tunnel configuration work for Teams running in a browser?
enterprise O365 Data Locations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/o365-data-locations.md
Previously updated : 06/22/2023 Last updated : 07/31/2023 audience: ITPro
enterprise Urls And Ip Address Ranges 21Vianet https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/urls-and-ip-address-ranges-21vianet.md
Title: "URLs and IP address ranges for Office 365 operated by 21Vianet"
Previously updated : 06/29/2023 Last updated : 07/31/2023 audience: ITPro
hideEdit: true
**Office 365 endpoints:** [Worldwide (including GCC)](urls-and-ip-address-ranges.md) | *Office 365 operated by 21 Vianet* | [Office 365 U.S. Government DoD](microsoft-365-u-s-government-dod-endpoints.md) | [Office 365 U.S. Government GCC High](microsoft-365-u-s-government-gcc-high-endpoints.md) |
-**Last updated:** 06/29/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/China?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)
+**Last updated:** 07/31/2023 - ![RSS.](../media/5dc6bb29-25db-4f44-9580-77c735492c4b.png) [Change Log subscription](https://endpoints.office.com/version/China?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)
**Download:** all required and optional destinations in one [JSON formatted](https://endpoints.office.com/endpoints/China?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7) list.
-Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This allows for customers who do not yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you are using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
+Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This allows for customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
-Endpoint data below lists requirements for connectivity from a userΓÇÖs machine to Office 365. It does not include network connections from Microsoft into a customer network, sometimes called hybrid or inbound network connections.
+Endpoint data below lists requirements for connectivity from a userΓÇÖs machine to Office 365. It doesn't include network connections from Microsoft into a customer network, sometimes called hybrid or inbound network connections.
The endpoints are grouped into four service areas. The first three service areas can be independently selected for connectivity. The fourth service area is a common dependency (called Microsoft 365 Common and Office) and must always have network connectivity.
Data columns shown are:
- **ID**: The ID number of the row, also known as an endpoint set. This ID is the same as is returned by the web service for the endpoint set. -- **Category**: Shows whether the endpoint set is categorized as ΓÇ£OptimizeΓÇ¥, ΓÇ£AllowΓÇ¥, or ΓÇ£DefaultΓÇ¥. You can read about these categories and guidance for management of them at [https://aka.ms/pnc](./microsoft-365-network-connectivity-principles.md). This column also lists which endpoint sets are required to have network connectivity. For endpoint sets which are not required to have network connectivity, we provide notes in this field to indicate what functionality would be missing if the endpoint set is blocked. If you are excluding an entire service area, the endpoint sets listed as required do not require connectivity.
+- **Category**: Shows whether the endpoint set is categorized as ΓÇ£OptimizeΓÇ¥, ΓÇ£AllowΓÇ¥, or ΓÇ£DefaultΓÇ¥. You can read about these categories and guidance for management of them at [https://aka.ms/pnc](./microsoft-365-network-connectivity-principles.md). This column also lists which endpoint sets are required to have network connectivity. For endpoint sets which aren't required to have network connectivity, we provide notes in this field to indicate what functionality would be missing if the endpoint set is blocked. If you're excluding an entire service area, the endpoint sets listed as required don't require connectivity.
-- **ER**: This is **Yes** if the endpoint set is supported over Azure ExpressRoute with Office 365 route prefixes. The BGP community that includes the route prefixes shown aligns with the service area listed. When ER is **No**, this means that ExpressRoute is not supported for this endpoint set. However, it should not be assumed that no routes are advertised for an endpoint set where ER is **No**.
+- **ER**: This is **Yes** if the endpoint set is supported over Azure ExpressRoute with Office 365 route prefixes. The BGP community that includes the route prefixes shown aligns with the service area listed. When ER is **No**, this means that ExpressRoute isn't supported for this endpoint set. However, it shouldn't be assumed that no routes are advertised for an endpoint set where ER is **No**.
- **Addresses**: Lists the FQDNs or wildcard domain names and IP Address ranges for the endpoint set. Note that an IP Address range is in CIDR format and may include many individual IP Addresses in the specified network.
enterprise Urls And Ip Address Ranges https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/urls-and-ip-address-ranges.md
Title: "Office 365 URLs and IP address ranges"
Previously updated : 06/29/2023 Last updated : 07/31/2023 audience: Admin
Office 365 requires connectivity to the Internet. The endpoints below should be
|Notes|Download|Use| ||||
-|**Last updated:** 06/29/2023 - ![RSS.](../medi#pacfiles)|
+|**Last updated:** 07/31/2023 - ![RSS.](../medi#pacfiles)|
| Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This cadence allows for customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.
frontline Deploy Dynamic Teams At Scale https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/deploy-dynamic-teams-at-scale.md
Last updated 07/12/2023
## Overview >[!IMPORTANT]
->This feature will begin rolling out for public preview in July 2023.
+>This feature will begin rolling out for public preview in July 2023. If you would like to provide feedback and improve this feature while in preview, please fill out [this form](https://forms.microsoft.com/r/DWaJXA6Dax)
Frontline teams are a collection of people, content, and tools within an organization for different frontline worker locations. Membership of frontline dynamic teams is determined and managed by a set of Azure Active Directory (Azure AD) attributes. [Learn more about Azure AD attributes](/azure/active-directory/external-identities/customers/how-to-define-custom-attributes).
includes Microsoft 365 Content Updates https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md
+## Week of July 24, 2023
++
+| Published On |Topic title | Change |
+|||--|
+| 7/24/2023 | [Manage auto-claim policies in the Microsoft 365 admin center](/microsoft-365/commerce/licenses/manage-auto-claim-policies?view=o365-worldwide) | modified |
+| 7/24/2023 | [Collaborate with guests from other Microsoft 365 cloud environments](/microsoft-365/solutions/collaborate-guests-cross-cloud?view=o365-worldwide) | added |
+| 7/24/2023 | [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) | modified |
+| 7/25/2023 | [Use the streaming API (preview) with Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-streaming-api?view=o365-worldwide) | added |
+| 7/25/2023 | [Manage schedule owners for shift management](/microsoft-365/frontline/schedule-owner-for-shift-management?view=o365-worldwide) | modified |
+| 7/25/2023 | Identify Defender for Endpoint architecture and deployment method | removed |
+| 7/25/2023 | [Resources for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-resources?view=o365-worldwide) | modified |
+| 7/26/2023 | [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-worldwide) | modified |
+| 7/26/2023 | [Hide the Microsoft Defender Antivirus interface](/microsoft-365/security/defender-endpoint/prevent-end-user-interaction-microsoft-defender-antivirus?view=o365-worldwide) | modified |
+| 7/26/2023 | [Overview of Syntex File Q&A for Copilot (Preview)](/microsoft-365/syntex/copilot-syntex) | modified |
+| 7/26/2023 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide) | modified |
+| 7/26/2023 | [Deploy frontline dynamic teams at scale](/microsoft-365/frontline/deploy-dynamic-teams-at-scale?view=o365-worldwide) | modified |
+| 7/26/2023 | [User reported message settings in Teams](/microsoft-365/security/office-365-security/submissions-teams?view=o365-worldwide) | modified |
+| 7/27/2023 | [Overview of image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging-overview) | added |
+| 7/27/2023 | [Set up and manage image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging-setup) | added |
+| 7/27/2023 | [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide) | modified |
+| 7/27/2023 | [Hardware and firmware assessment methods and properties per device](/microsoft-365/security/defender-endpoint/export-firmware-hardware-assessment?view=o365-worldwide) | modified |
+| 7/27/2023 | [Compare Microsoft Defender Vulnerability Management plans and capabilities](/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management-capabilities?view=o365-worldwide) | modified |
+| 7/27/2023 | [Find and manage images using image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging) | modified |
+| 7/27/2023 | [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) | modified |
+| 7/27/2023 | [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-worldwide) | modified |
+| 7/27/2023 | [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) | modified |
+| 7/27/2023 | [Zero-hour auto purge in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide) | modified |
+| 7/27/2023 | [Create your collaboration governance plan](/microsoft-365/solutions/collaboration-governance-first?view=o365-worldwide) | modified |
+| 7/27/2023 | [A collaboration governance framework for Microsoft 365](/microsoft-365/solutions/collaboration-governance-overview?view=o365-worldwide) | modified |
+| 7/27/2023 | [SharePoint and Microsoft 365 Groups integration (IT Admins)](/microsoft-365/solutions/groups-sharepoint-governance?view=o365-worldwide) | modified |
+| 7/28/2023 | [Identify Defender for Endpoint architecture and deployment method](/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-worldwide) | added |
+| 7/28/2023 | [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) | modified |
+| 7/28/2023 | [Partner applications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/partner-applications?view=o365-worldwide) | modified |
+| 7/28/2023 | [Troubleshoot problems with attack surface reduction rules](/microsoft-365/security/defender-endpoint/troubleshoot-asr?view=o365-worldwide) | modified |
+| 7/28/2023 | Software developer resources | removed |
+| 7/28/2023 | [Microsoft 365 Groups and Microsoft Teams naming policy](/microsoft-365/solutions/groups-naming-policy?view=o365-worldwide) | modified |
+| 7/28/2023 | Groups services interactions | removed |
+| 7/28/2023 | [Microsoft Teams, SharePoint, and Microsoft 365 Groups integration (IT Admins)](/microsoft-365/solutions/groups-sharepoint-teams-governance?view=o365-worldwide) | modified |
+| 7/28/2023 | [Governing access in Microsoft 365 groups, Teams, and SharePoint](/microsoft-365/solutions/groups-teams-access-governance?view=o365-worldwide) | modified |
+| 7/28/2023 | Communications governance for collaboration scenarios | removed |
+| 7/28/2023 | Compliance options for Microsoft 365 groups, Teams, and SharePoint collaboration | removed |
+| 7/28/2023 | [Plan organization and lifecycle governance for Microsoft 365 groups and Microsoft Teams](/microsoft-365/solutions/plan-organization-lifecycle-governance?view=o365-worldwide) | modified |
++ ## Week of July 17, 2023
| 6/30/2023 | [Administering Exchange Online mailboxes in a multi-geo environment](/microsoft-365/enterprise/administering-exchange-online-multi-geo?view=o365-worldwide) | modified | | 6/30/2023 | [Review or edit your next-generation protection policies Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-next-generation-protection?view=o365-worldwide) | modified | | 6/30/2023 | [Microsoft Defender for Office 365 support for Microsoft Teams (Preview)](/microsoft-365/security/office-365-security/mdo-support-teams-about?view=o365-worldwide) | modified |--
-## Week of June 19, 2023
--
-| Published On |Topic title | Change |
-|||--|
-| 6/19/2023 | [Change a user name and email address](/microsoft-365/admin/add-users/change-a-user-name-and-email-address?view=o365-worldwide) | modified |
-| 6/19/2023 | [Configure email forwarding](/microsoft-365/admin/email/configure-email-forwarding?view=o365-worldwide) | modified |
-| 6/19/2023 | [Password policy recommendations](/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide) | modified |
-| 6/19/2023 | [Get started with trainable classifiers](/microsoft-365/compliance/classifier-get-started-with?view=o365-worldwide) | modified |
-| 6/19/2023 | [How to retrain a classifier in content explorer](/microsoft-365/compliance/classifier-how-to-retrain-content-explorer?view=o365-worldwide) | modified |
-| 6/19/2023 | [Create a custom sensitive information type using PowerShell](/microsoft-365/compliance/create-a-custom-sensitive-information-type-in-scc-powershell?view=o365-worldwide) | modified |
-| 6/19/2023 | [Create a keyword dictionary](/microsoft-365/compliance/create-a-keyword-dictionary?view=o365-worldwide) | modified |
-| 6/19/2023 | [Customize a built-in sensitive information type](/microsoft-365/compliance/customize-a-built-in-sensitive-information-type?view=o365-worldwide) | modified |
-| 6/19/2023 | [Labeling actions reported in Activity explorer](/microsoft-365/compliance/data-classification-activity-explorer-available-events?view=o365-worldwide) | modified |
-| 6/19/2023 | [Get started with Activity explorer](/microsoft-365/compliance/data-classification-activity-explorer?view=o365-worldwide) | modified |
-| 6/19/2023 | [Increase Classifier Accuracy](/microsoft-365/compliance/data-classification-increase-accuracy?view=o365-worldwide) | modified |
-| 6/19/2023 | [Learn about Adaptive Protection in data loss prevention](/microsoft-365/compliance/dlp-adaptive-protection-learn?view=o365-worldwide) | modified |
-| 6/19/2023 | [Get started with the DLP Alerts dashboard](/microsoft-365/compliance/dlp-alerts-dashboard-get-started?view=o365-worldwide) | modified |
-| 6/19/2023 | [Learn about the DLP alerts dashboard](/microsoft-365/compliance/dlp-alerts-dashboard-learn?view=o365-worldwide) | modified |
-| 6/19/2023 | [Get started with the Microsoft Purview extension for Chrome](/microsoft-365/compliance/dlp-chrome-get-started?view=o365-worldwide) | modified |
-| 6/19/2023 | [DLP policy conditions, exceptions, and actions](/microsoft-365/compliance/dlp-conditions-and-exceptions?view=o365-worldwide) | modified |
-| 6/19/2023 | [Configure endpoint DLP settings](/microsoft-365/compliance/dlp-configure-endpoint-settings?view=o365-worldwide) | modified |
-| 6/19/2023 | [Configure and view alerts for DLP policies](/microsoft-365/compliance/dlp-configure-view-alerts-policies?view=o365-worldwide) | modified |
-| 6/19/2023 | [Learn about collecting files that match DLP policies from devices (preview)](/microsoft-365/compliance/dlp-copy-matched-items-learn?view=o365-worldwide) | modified |
-| 6/19/2023 | [Learn about data loss prevention](/microsoft-365/compliance/dlp-learn-about-dlp?view=o365-worldwide) | modified |
-| 6/19/2023 | [Legacy eDiscovery tools retired](/microsoft-365/compliance/ediscovery-legacy-retirement?view=o365-worldwide) | modified |
-| 6/19/2023 | [Enable co-authoring for encrypted documents](/microsoft-365/compliance/sensitivity-labels-coauthoring?view=o365-worldwide) | modified |
-| 6/19/2023 | [Enable sensitivity labels for Office files](/microsoft-365/compliance/sensitivity-labels-sharepoint-onedrive-files?view=o365-worldwide) | modified |
-| 6/19/2023 | [Overview of Loop components in the Microsoft 365 ecosystem](/microsoft-365/loop/loop-components-teams?view=o365-worldwide) | modified |
-| 6/19/2023 | [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-worldwide) | modified |
-| 6/19/2023 | [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) | modified |
-| 6/19/2023 | [Data loss prevention Exchange conditions and actions reference](/microsoft-365/compliance/dlp-exchange-conditions-and-actions?view=o365-worldwide) | renamed |
-| 6/19/2023 | [Search the audit log in the Microsoft Purview compliance portal](/microsoft-365/compliance/audit-log-search?view=o365-worldwide) | modified |
-| 6/19/2023 | [Permissions in the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-permissions?view=o365-worldwide) | modified |
-| 6/19/2023 | [Microsoft Defender for Business](/microsoft-365/security/defender-business/index?view=o365-worldwide) | modified |
-| 6/19/2023 | [Assign security roles and permissions in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-roles-permissions?view=o365-worldwide) | modified |
-| 6/19/2023 | [Compare Microsoft endpoint security plans](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1-2?view=o365-worldwide) | modified |
-| 6/19/2023 | [Overview of Microsoft Defender for Endpoint Plan 1](/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide) | modified |
-| 6/19/2023 | [Use network protection to help prevent connections to bad sites](/microsoft-365/security/defender-endpoint/network-protection?view=o365-worldwide) | modified |
-| 6/19/2023 | [Update your agent on devices for Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/update-agent-mma-windows?view=o365-worldwide) | modified |
-| 6/20/2023 | [Outbound delivery pools](/microsoft-365/security/office-365-security/outbound-spam-high-risk-delivery-pool-about?view=o365-worldwide) | modified |
-| 6/20/2023 | [Configure outbound spam policies](/microsoft-365/security/office-365-security/outbound-spam-policies-configure?view=o365-worldwide) | modified |
-| 6/20/2023 | [Configuring and controlling external email forwarding in Microsoft 365](/microsoft-365/security/office-365-security/outbound-spam-policies-external-email-forwarding?view=o365-worldwide) | modified |
-| 6/20/2023 | [Outbound spam protection](/microsoft-365/security/office-365-security/outbound-spam-protection-about?view=o365-worldwide) | modified |
-| 6/20/2023 | [Preset security policies](/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide) | modified |
-| 6/20/2023 | [Protect against threats in Microsoft Defender for Office 365, Anti-malware, Anti-Phishing, Anti-spam, Safe links, Safe attachments, Zero-hour auto purge (ZAP), MDO security configuration](/microsoft-365/security/office-365-security/protect-against-threats?view=o365-worldwide) | modified |
-| 6/20/2023 | [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-about?view=o365-worldwide) | modified |
-| 6/20/2023 | [Find and release quarantined messages as a user](/microsoft-365/security/office-365-security/quarantine-end-user?view=o365-worldwide) | modified |
-| 6/20/2023 | [Quarantine policies](/microsoft-365/security/office-365-security/quarantine-policies?view=o365-worldwide) | modified |
-| 6/20/2023 | [Quarantine notifications (end-user spam notifications) in Microsoft 365](/microsoft-365/security/office-365-security/quarantine-quarantine-notifications?view=o365-worldwide) | modified |
-| 6/20/2023 | [View and release quarantined messages from shared mailboxes](/microsoft-365/security/office-365-security/quarantine-shared-mailbox-messages?view=o365-worldwide) | modified |
-| 6/20/2023 | [Threat Explorer and Real-time detections basics in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/real-time-detections?view=o365-worldwide) | modified |
-| 6/20/2023 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide) | modified |
-| 6/20/2023 | [Reference Policies, practices, and guidelines](/microsoft-365/security/office-365-security/reference-policies-practices-and-guidelines?view=o365-worldwide) | modified |
-| 6/20/2023 | [Remove blocked users from the Restricted entities page](/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam?view=o365-worldwide) | modified |
-| 6/20/2023 | [View email security reports](/microsoft-365/security/office-365-security/reports-email-security?view=o365-worldwide) | modified |
-| 6/20/2023 | [Responding to a Compromised Email Account](/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account?view=o365-worldwide) | modified |
-| 6/20/2023 | [Manage mailbox auditing](/microsoft-365/compliance/audit-mailboxes?view=o365-worldwide) | modified |
-| 6/20/2023 | [Deploy frontline dynamic teams at scale](/microsoft-365/frontline/deploy-dynamic-teams-at-scale?view=o365-worldwide) | added |
-| 6/20/2023 | [How to find the best frontline team solution for your organization](/microsoft-365/frontline/frontline-team-options?view=o365-worldwide) | added |
-| 6/20/2023 | [Administering Exchange Online mailboxes in a multi-geo environment](/microsoft-365/enterprise/administering-exchange-online-multi-geo?view=o365-worldwide) | modified |
-| 6/20/2023 | [Exchange Multi-Geo](/microsoft-365/enterprise/multi-geo-capabilities-in-exchange-online?view=o365-worldwide) | modified |
-| 6/20/2023 | [Deploy frontline static teams at scale with PowerShell for frontline workers](/microsoft-365/frontline/deploy-teams-at-scale?view=o365-worldwide) | modified |
-| 6/20/2023 | [Set up, review, and edit your security policies and settings in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-configure-security-settings?view=o365-worldwide) | modified |
-| 6/20/2023 | [Manage devices in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-manage-devices?view=o365-worldwide) | modified |
-| 6/20/2023 | [Set up web content filtering in Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-web-content-filtering?view=o365-worldwide) | modified |
-| 6/20/2023 | [Secure by default in Office 365](/microsoft-365/security/office-365-security/secure-by-default?view=o365-worldwide) | modified |
-| 6/20/2023 | [SIEM integration with Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/siem-integration-with-office-365-ti?view=o365-worldwide) | modified |
-| 6/20/2023 | [SIEM server integration with Microsoft 365 services and applications](/microsoft-365/security/office-365-security/siem-server-integration?view=o365-worldwide) | modified |
-| 6/20/2023 | [Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes](/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes?view=o365-worldwide) | modified |
-| 6/20/2023 | [Admin review for user reported messages](/microsoft-365/security/office-365-security/submissions-admin-review-user-reported-messages?view=o365-worldwide) | modified |
-| 6/20/2023 | [Manage submissions](/microsoft-365/security/office-365-security/submissions-admin?view=o365-worldwide) | modified |
-| 6/20/2023 | [Errors during admin submissions](/microsoft-365/security/office-365-security/submissions-error-messages?view=o365-worldwide) | modified |
-| 6/20/2023 | [Report phishing and suspicious emails in Outlook for admins](/microsoft-365/security/office-365-security/submissions-outlook-report-messages?view=o365-worldwide) | modified |
-| 6/20/2023 | [Report spam, non-spam, phishing, suspicious emails and files to Microsoft](/microsoft-365/security/office-365-security/submissions-report-messages-files-to-microsoft?view=o365-worldwide) | modified |
-| 6/20/2023 | [Submit malware and good files to Microsoft for analysis](/microsoft-365/security/office-365-security/submissions-submit-files-to-microsoft?view=o365-worldwide) | modified |
-| 6/20/2023 | [User reported settings](/microsoft-365/security/office-365-security/submissions-user-reported-messages-custom-mailbox?view=o365-worldwide) | modified |
-| 6/20/2023 | [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/submissions-users-report-message-add-in-configure?view=o365-worldwide) | modified |
-| 6/20/2023 | [Manage allows and blocks in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-about?view=o365-worldwide) | modified |
-| 6/20/2023 | [Allow or block email using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-email-spoof-configure?view=o365-worldwide) | modified |
-| 6/20/2023 | [Allow or block files using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-files-configure?view=o365-worldwide) | modified |
-| 6/20/2023 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified |
-| 6/20/2023 | [Configure your Microsoft 365 tenant for increased security](/microsoft-365/security/office-365-security/tenant-wide-setup-for-increased-security?view=o365-worldwide) | modified |
-| 6/20/2023 | [Threat hunting in Threat Explorer for Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/threat-explorer-threat-hunting?view=o365-worldwide) | modified |
-| 6/20/2023 | [Use Trusted ARC senders for legitimate devices and services between the sender and receiver](/microsoft-365/security/office-365-security/use-arc-exceptions-to-mark-trusted-arc-senders?view=o365-worldwide) | modified |
-| 6/20/2023 | [Remove yourself from the blocked senders list and address 5.7.511 Access denied errors](/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis?view=o365-worldwide) | modified |
-| 6/21/2023 | [Add custom tiles to the app launcher](/microsoft-365/admin/manage/customize-the-app-launcher?view=o365-worldwide) | modified |
-| 6/21/2023 | [Anti-spoofing protection FAQ](/microsoft-365/security/office-365-security/anti-phishing-protection-spoofing-faq?view=o365-worldwide) | modified |
-| 6/21/2023 | [Anti-spam protection FAQ](/microsoft-365/security/office-365-security/anti-spam-protection-faq?view=o365-worldwide) | modified |
-| 6/21/2023 | [Configure junk email settings on Exchange Online mailboxes](/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes?view=o365-worldwide) | modified |
-| 6/21/2023 | [Email authentication in Microsoft 365](/microsoft-365/security/office-365-security/email-authentication-about?view=o365-worldwide) | modified |
-| 6/21/2023 | [Exchange Online Protection (EOP) overview](/microsoft-365/security/office-365-security/eop-about?view=o365-worldwide) | modified |
-| 6/21/2023 | [EOP general FAQ](/microsoft-365/security/office-365-security/eop-faq?view=o365-worldwide) | modified |
-| 6/21/2023 | [Help and support for EOP](/microsoft-365/security/office-365-security/help-and-support-for-eop?view=o365-worldwide) | modified |
-| 6/21/2023 | [Order and precedence of email protection](/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-worldwide) | modified |
-| 6/21/2023 | [Get started with Microsoft 365 Copilot](/microsoft-365/admin/copilot/m365-copilot-setup?view=o365-worldwide) | added |
-| 6/21/2023 | [Microsoft 365 Copilot Early Access Program](/microsoft-365/admin/copilot/m365-early-access-program?view=o365-worldwide) | added |
-| 6/21/2023 | [Install Microsoft 365 apps](/microsoft-365/admin/setup/install-applications?view=o365-worldwide) | modified |
-| 6/21/2023 | [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-worldwide) | modified |
-| 6/21/2023 | [What's new in Microsoft Purview risk and compliance solutions](/microsoft-365/compliance/whats-new?view=o365-worldwide) | modified |
-| 6/22/2023 | [Overview of Loop workspaces storage and permissions](/microsoft-365/loop/loop-workspaces-storage-permission?view=o365-worldwide) | added |
-| 6/22/2023 | [Manage device access settings in Basic Mobility and Security](/microsoft-365/admin/basic-mobility-security/manage-device-access-settings?view=o365-worldwide) | modified |
-| 6/22/2023 | [Manage Microsoft feedback for your organization](/microsoft-365/admin/manage/manage-feedback-ms-org?view=o365-worldwide) | modified |
-| 6/22/2023 | [Learn about Microsoft feedback for your organization](/microsoft-365/admin/misc/feedback-user-control?view=o365-worldwide) | modified |
-| 6/22/2023 | [Microsoft Bookings Frequently Asked Questions](/microsoft-365/bookings/bookings-faq?view=o365-worldwide) | modified |
-| 6/22/2023 | [IdentityInfo table in the advanced hunting schema](/microsoft-365/security/defender/advanced-hunting-identityinfo-table?view=o365-worldwide) | modified |
-| 6/22/2023 | [Impersonation insight](/microsoft-365/security/office-365-security/anti-phishing-mdo-impersonation-insight?view=o365-worldwide) | modified |
-| 6/22/2023 | [Anti-phishing policies](/microsoft-365/security/office-365-security/anti-phishing-policies-about?view=o365-worldwide) | modified |
-| 6/22/2023 | [Web content filtering](/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-worldwide) | modified |
-| 6/22/2023 | [Manage Loop components in OneDrive and SharePoint](/microsoft-365/loop/loop-components-configuration?view=o365-worldwide) | added |
-| 6/22/2023 | [Manage Loop workspaces in Syntex repository services](/microsoft-365/loop/loop-workspaces-configuration?view=o365-worldwide) | added |
-| 6/22/2023 | Manage Loop experiences (Loop workspaces and Loop components) in SharePoint | removed |
-| 6/22/2023 | [Overview of Loop components in the Microsoft 365 ecosystem](/microsoft-365/loop/loop-components-teams?view=o365-worldwide) | modified |
-| 6/22/2023 | [Use network protection to help prevent macOS connections to bad sites](/microsoft-365/security/defender-endpoint/network-protection-macos?view=o365-worldwide) | modified |
-| 6/22/2023 | [Microsoft Syntex video library](/microsoft-365/syntex/video-library) | modified |
-| 6/23/2023 | [Get started with collecting files that match data loss prevention policies from devices (preview)](/microsoft-365/compliance/dlp-copy-matched-items-get-started?view=o365-worldwide) | modified |
-| 6/23/2023 | [Configure Microsoft Defender for Endpoint on Android risk signals using App Protection Policies (MAM)](/microsoft-365/security/defender-endpoint/android-configure-mam?view=o365-worldwide) | modified |
-| 6/23/2023 | [Configure Microsoft Defender for Endpoint on Android features](/microsoft-365/security/defender-endpoint/android-configure?view=o365-worldwide) | modified |
-| 6/23/2023 | [Troubleshoot issues on Microsoft Defender for Endpoint on Android](/microsoft-365/security/defender-endpoint/android-support-signin?view=o365-worldwide) | modified |
-| 6/23/2023 | [Microsoft Secure Score](/microsoft-365/security/defender/microsoft-secure-score?view=o365-worldwide) | modified |
-| 6/23/2023 | [Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes](/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes?view=o365-worldwide) | modified |
-| 6/23/2023 | [Collaborate with guests in a team](/microsoft-365/solutions/collaborate-as-team?view=o365-worldwide) | modified |
-| 6/23/2023 | [Sensitive information type entity definitions](/microsoft-365/compliance/sensitive-information-type-entity-definitions?view=o365-worldwide) | modified |
-| 6/23/2023 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide) | modified |
-| 6/23/2023 | [Deploy Microsoft Defender for Endpoint on Linux manually](/microsoft-365/security/defender-endpoint/linux-install-manually?view=o365-worldwide) | modified |
-| 6/23/2023 | [Configure anti-phishing policies in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure?view=o365-worldwide) | modified |
-| 6/23/2023 | [Backscatter in EOP](/microsoft-365/security/office-365-security/anti-spam-backscatter-about?view=o365-worldwide) | modified |
-| 6/23/2023 | [Anti-spam protection](/microsoft-365/security/office-365-security/anti-spam-protection-about?view=o365-worldwide) | modified |
-| 6/23/2023 | [End-user notifications for Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-end-user-notifications?view=o365-worldwide) | modified |
-| 6/23/2023 | [Attack simulation training deployment considerations and FAQ](/microsoft-365/security/office-365-security/attack-simulation-training-faq?view=o365-worldwide) | modified |
-| 6/23/2023 | [Landing pages in Attack simulation training](/microsoft-365/security/office-365-security/attack-simulation-training-landing-pages?view=o365-worldwide) | modified |
-| 6/23/2023 | [EOP queued, deferred, and bounced messages FAQ](/microsoft-365/security/office-365-security/mail-flow-delivery-faq?view=o365-worldwide) | modified |
-| 6/23/2023 | [Security Operations Guide for Defender for Office 365](/microsoft-365/security/office-365-security/mdo-sec-ops-guide?view=o365-worldwide) | modified |
-| 6/23/2023 | [Message trace in the Microsoft 365 Defender portal](/microsoft-365/security/office-365-security/message-trace-scc?view=o365-worldwide) | modified |
-| 6/23/2023 | [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-worldwide) | modified |
-| 6/23/2023 | [Outbound delivery pools](/microsoft-365/security/office-365-security/outbound-spam-high-risk-delivery-pool-about?view=o365-worldwide) | modified |
-| 6/23/2023 | [Quarantined messages FAQ](/microsoft-365/security/office-365-security/quarantine-faq?view=o365-worldwide) | modified |
-| 6/23/2023 | [View and release quarantined messages from shared mailboxes](/microsoft-365/security/office-365-security/quarantine-shared-mailbox-messages?view=o365-worldwide) | modified |
-| 6/23/2023 | [Reference Policies, practices, and guidelines](/microsoft-365/security/office-365-security/reference-policies-practices-and-guidelines?view=o365-worldwide) | modified |
-| 6/23/2023 | [Roles and role groups in Microsoft Defender for Office 365 and Microsoft Purview compliance](/microsoft-365/security/office-365-security/scc-permissions?view=o365-worldwide) | modified |
-| 6/23/2023 | [Sending mail to Microsoft 365](/microsoft-365/security/office-365-security/sending-mail-to-office-365?view=o365-worldwide) | modified |
-| 6/23/2023 | [Services for external organizations sending mail to Microsoft 365](/microsoft-365/security/office-365-security/services-for-non-customers?view=o365-worldwide) | modified |
-| 6/23/2023 | [Microsoft Defender for Office 365 trial user guide](/microsoft-365/security/office-365-security/trial-user-guide-defender-for-office-365?view=o365-worldwide) | modified |
-| 6/23/2023 | [Zero-hour auto purge in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide) | modified |
includes Office 365 U.S. Government Dod Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/office-365-u.s.-government-dod-endpoints.md
<!--THIS FILE IS AUTOMATICALLY GENERATED. MANUAL CHANGES WILL BE OVERWRITTEN.--> <!--Please contact the Office 365 Endpoints team with any questions.-->
-<!--USGovDoD endpoints version 2023062900-->
-<!--File generated 2023-06-30 08:00:05.4152-->
+<!--USGovDoD endpoints version 2023073100-->
+<!--File generated 2023-07-31 08:00:04.6600-->
## Exchange Online
ID | Category | ER | Addresses | Ports
1 | Optimize<BR>Required | Yes | `outlook-dod.office365.us, webmail.apps.mil`<BR>`20.35.192.0/20, 40.66.24.0/21, 2001:489a:2200:500::/56, 2001:489a:2200:700::/56` | **TCP:** 443, 80 4 | Default<BR>Required | Yes | `outlook-dod.office365.us, webmail.apps.mil` | **TCP:** 143, 25, 587, 993, 995 5 | Default<BR>Required | Yes | `attachments-dod.office365-net.us, autodiscover.<tenant>.mail.onmicrosoft.com, autodiscover.<tenant>.mail.onmicrosoft.us, autodiscover.<tenant>.onmicrosoft.com, autodiscover.<tenant>.onmicrosoft.us, autodiscover-s-dod.office365.us` | **TCP:** 443, 80
-6 | Allow<BR>Required | Yes | `*.protection.apps.mil, *.protection.office365.us`<BR>`23.103.191.0/24, 23.103.199.0/25, 23.103.204.0/22, 52.181.167.52/32, 52.181.167.91/32, 52.182.95.219/32, 2001:489a:2202::/62, 2001:489a:2202:8::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
+6 | Allow<BR>Required | Yes | `*.protection.apps.mil, *.protection.office365.us`<BR>`23.103.191.0/24, 23.103.199.0/25, 23.103.204.0/22, 2001:489a:2202::/62, 2001:489a:2202:8::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
## SharePoint Online and OneDrive for Business
ID | Category | ER | Addresses | Ports
## Skype for Business Online and Microsoft Teams ID | Category | ER | Addresses | Ports | -- | | -- | --
-7 | Optimize<BR>Required | Yes | `*.dod.teams.microsoft.us, *.online.dod.skypeforbusiness.us, dod.teams.microsoft.us`<BR>`52.127.64.0/21, 52.180.249.148/32, 52.180.252.118/32, 52.180.252.187/32, 52.180.253.137/32, 52.180.253.154/32, 52.181.165.243/32, 52.181.166.119/32, 52.181.167.43/32, 52.181.167.64/32, 52.181.200.104/32, 104.212.32.0/22, 104.212.60.0/23, 195.134.240.0/22` | **TCP:** 443<BR>**UDP:** 3478, 3479, 3480, 3481
+-- | -- | | -- | --
+7 | Optimize<BR>Required | Yes | `*.dod.teams.microsoft.us, *.online.dod.skypeforbusiness.us, dod.teams.microsoft.us`<BR>`52.127.64.0/21, 52.180.249.148/32, 52.181.166.119/32, 52.181.167.43/32, 104.212.32.0/22, 104.212.60.0/23, 195.134.240.0/22` | **TCP:** 443<BR>**UDP:** 3478, 3479, 3480, 3481
21 | Default<BR>Required | No | `dodteamsapuiwebcontent.blob.core.usgovcloudapi.net, msteamsstatics.blob.core.usgovcloudapi.net, statics.teams.microsoft.com` | **TCP:** 443 22 | Allow<BR>Required | Yes | `endpoint1-proddodcecompsvc-dodc.streaming.media.usgovcloudapi.net, endpoint1-proddodeacompsvc-dode.streaming.media.usgovcloudapi.net`<BR>`52.181.167.113/32, 52.182.52.226/32` | **TCP:** 443
ID | Category | ER | Addresses | Ports
ID | Category | ER | Addresses | Ports -- | - | | - | -
-11 | Allow<BR>Required | Yes | `*.dod.online.office365.us`<BR>`52.127.80.0/23, 52.181.164.39/32, 52.182.95.191/32, 2001:489a:2208:8000::/49` | **TCP:** 443
+11 | Allow<BR>Required | Yes | `*.dod.online.office365.us`<BR>`52.127.80.0/23, 2001:489a:2208:8000::/49` | **TCP:** 443
12 | Default<BR>Required | No | `*.office365.us` | **TCP:** 443, 80 13 | Allow<BR>Required | Yes | `*.auth.microsoft.us, *.gov.us.microsoftonline.com, dod-graph.microsoft.us, graph.microsoftazure.us, login.microsoftonline.us`<BR>`20.140.232.0/23, 52.126.194.0/23, 2001:489a:3500::/50` | **TCP:** 443 14 | Default<BR>Required | No | `*.msauth.net, *.msauthimages.us, *.msftauth.net, *.msftauthimages.us, clientconfig.microsoftonline-p.net, graph.windows.net, login.microsoftonline.com, login.microsoftonline-p.com, login.windows.net, loginex.microsoftonline.com, login-us.microsoftonline.com, mscrl.microsoft.com, nexus.microsoftonline-p.com, secure.aadcdn.microsoftonline-p.com` | **TCP:** 443
-15 | Allow<BR>Required | Yes | `portal.apps.mil, reports.apps.mil, webshell.dodsuite.office365.us, www.ohome.apps.mil`<BR>`52.127.72.42/32, 52.127.76.42/32, 52.180.251.166/32, 52.181.24.112/32, 52.181.160.19/32, 52.181.160.113/32, 52.181.160.236/32, 52.182.24.200/32, 52.182.54.237/32, 52.182.92.132/32` | **TCP:** 443
+15 | Allow<BR>Required | Yes | `portal.apps.mil, reports.apps.mil, webshell.dodsuite.office365.us, www.ohome.apps.mil`<BR>`52.127.72.42/32, 52.127.76.42/32, 52.180.251.166/32, 52.181.24.112/32, 52.181.160.113/32, 52.182.24.200/32, 52.182.54.237/32` | **TCP:** 443
16 | Allow<BR>Required | Yes | `*.osi.apps.mil, dod.loki.office365.us`<BR>`52.127.72.0/21, 2001:489a:2206::/48` | **TCP:** 443 17 | Default<BR>Required | No | `activation.sls.microsoft.com, crl.microsoft.com, go.microsoft.com, insertmedia.bing.office.net, ocsa.officeapps.live.com, ocsredir.officeapps.live.com, ocws.officeapps.live.com, office15client.microsoft.com, officecdn.microsoft.com, officecdn.microsoft.com.edgesuite.net, officepreviewredir.microsoft.com, officeredir.microsoft.com, ols.officeapps.live.com, r.office.microsoft.com` | **TCP:** 443, 80 18 | Default<BR>Required | No | `cdn.odc.officeapps.live.com, mrodevicemgr.officeapps.live.com, odc.officeapps.live.com, officeclient.microsoft.com` | **TCP:** 443, 80 24 | Default<BR>Required | No | `lpcres.delve.office.com` | **TCP:** 443 25 | Default<BR>Required | No | `*.cdn.office.net` | **TCP:** 443
-26 | Allow<BR>Required | Yes | `*.compliance.apps.mil, *.security.apps.mil, compliance.apps.mil, scc.protection.apps.mil, security.apps.mil`<BR>`23.103.204.0/22, 52.127.72.0/21, 52.180.255.219/32, 52.181.166.108/32` | **TCP:** 443, 80
+26 | Allow<BR>Required | Yes | `*.compliance.apps.mil, *.security.apps.mil, compliance.apps.mil, scc.protection.apps.mil, security.apps.mil`<BR>`23.103.204.0/22, 52.127.72.0/21` | **TCP:** 443, 80
28 | Default<BR>Required | No | `activity.windows.com, dod.activity.windows.us` | **TCP:** 443 29 | Default<BR>Required | No | `dod-mtis.cortana.ai` | **TCP:** 443 30 | Default<BR>Required | No | `*.aadrm.us, *.informationprotection.azure.us` | **TCP:** 443
includes Office 365 U.S. Government Gcc High Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/office-365-u.s.-government-gcc-high-endpoints.md
<!--THIS FILE IS AUTOMATICALLY GENERATED. MANUAL CHANGES WILL BE OVERWRITTEN.--> <!--Please contact the Office 365 Endpoints team with any questions.-->
-<!--USGovGCCHigh endpoints version 2023062900-->
-<!--File generated 2023-06-30 08:00:06.6451-->
+<!--USGovGCCHigh endpoints version 2023073100-->
+<!--File generated 2023-07-31 08:00:05.9608-->
## Exchange Online ID | Category | ER | Addresses | Ports | -- | | -- | -
+-- | -- | | - | -
1 | Optimize<BR>Required | Yes | `outlook.office365.us`<BR>`20.35.208.0/20, 20.35.240.0/21, 40.66.16.0/21, 2001:489a:2200:100::/56, 2001:489a:2200:400::/56, 2001:489a:2200:600::/56` | **TCP:** 443, 80 4 | Default<BR>Required | Yes | `attachments.office365-net.us, autodiscover.<tenant>.mail.onmicrosoft.com, autodiscover.<tenant>.mail.onmicrosoft.us, autodiscover.<tenant>.onmicrosoft.com, autodiscover.<tenant>.onmicrosoft.us, autodiscover-s.office365.us` | **TCP:** 443, 80 5 | Default<BR>Required | Yes | `outlook.office365.us` | **TCP:** 143, 25, 587, 993, 995
-6 | Allow<BR>Required | Yes | `*.manage.office365.us, *.protection.office365.us, *.scc.office365.us, manage.office365.us, scc.office365.us`<BR>`13.72.179.197/32, 13.72.183.70/32, 23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.170.14/32, 52.227.170.120/32, 52.227.178.94/32, 52.227.180.138/32, 52.227.182.149/32, 52.238.74.212/32, 52.244.65.13/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
+6 | Allow<BR>Required | Yes | `*.manage.office365.us, *.protection.office365.us, *.scc.office365.us, manage.office365.us, scc.office365.us`<BR>`23.103.191.0/24, 23.103.199.128/25, 23.103.208.0/22, 52.227.182.149/32, 52.238.74.212/32, 52.244.65.13/32, 2001:489a:2202:4::/62, 2001:489a:2202:c::/62, 2001:489a:2202:2000::/63` | **TCP:** 25, 443
## SharePoint Online and OneDrive for Business
ID | Category | ER | Addresses | Ports
13 | Allow<BR>Required | Yes | `*.auth.microsoft.us, *.gov.us.microsoftonline.com, graph.microsoft.us, graph.microsoftazure.us, login.microsoftonline.us`<BR>`20.140.232.0/23, 52.126.194.0/23, 2001:489a:3500::/50` | **TCP:** 443 14 | Default<BR>Required | No | `*.msauth.net, *.msauthimages.us, *.msftauth.net, *.msftauthimages.us, clientconfig.microsoftonline-p.net, graph.windows.net, login.microsoftonline.com, login.microsoftonline-p.com, login.windows.net, loginex.microsoftonline.com, login-us.microsoftonline.com, mscrl.microsoft.com, nexus.microsoftonline-p.com, secure.aadcdn.microsoftonline-p.com` | **TCP:** 443 15 | Default<BR>Required | No | `officehome.msocdn.us, prod.msocdn.us` | **TCP:** 443, 80
-16 | Allow<BR>Required | Yes | `portal.office365.us, www.office365.us`<BR>`13.72.179.48/32, 52.227.167.206/32, 52.227.170.242/32` | **TCP:** 443, 80
+16 | Allow<BR>Required | Yes | `portal.office365.us, www.office365.us`<BR>`52.227.170.242/32` | **TCP:** 443, 80
17 | Allow<BR>Required | Yes | `*.osi.office365.us, gcchigh.loki.office365.us, tasks.office365.us`<BR>`52.127.240.0/20, 2001:489a:2206::/48` | **TCP:** 443 18 | Default<BR>Required | No | `*.office.delivery.microsoft.com, activation.sls.microsoft.com, crl.microsoft.com, go.microsoft.com, insertmedia.bing.office.net, mrodevicemgr.officeapps.live.com, ocsa.officeapps.live.com, ocsredir.officeapps.live.com, ocws.officeapps.live.com, office15client.microsoft.com, officecdn.microsoft.com, officecdn.microsoft.com.edgesuite.net, officepreviewredir.microsoft.com, officeredir.microsoft.com, ols.officeapps.live.com, r.office.microsoft.com` | **TCP:** 443, 80 19 | Default<BR>Required | No | `cdn.odc.officeapps.live.com, odc.officeapps.live.com, officeclient.microsoft.com` | **TCP:** 443, 80
includes Office 365 Worldwide Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/office-365-worldwide-endpoints.md
-<!--THIS FILE IS AUTOMATICALLY GENERATED. MANUAL CHANGES WILL BE OVERWRITTEN.-->
+<!--THIS FILE IS AUTOMATICALLY GENERATED. MANUAL CHANGES WILL BE OVERWRITTEN.-->
<!--Please contact the Office 365 Endpoints team with any questions.-->
-<!--Worldwide endpoints version 2023062900-->
-<!--File generated 2023-06-30 08:00:03.8532-->
-
-## Exchange Online
+<!--Worldwide endpoints version 2023073100-->
+<!--File generated 2023-07-31 08:00:03.0494-->
+
+## Exchange Online
ID | Category | ER | Addresses | Ports | - | | - | --
+-- | - | | | --
1 | Optimize<BR>Required | Yes | `outlook.office.com, outlook.office365.com`<BR>`13.107.6.152/31, 13.107.18.10/31, 13.107.128.0/22, 23.103.160.0/20, 40.96.0.0/13, 40.104.0.0/15, 52.96.0.0/14, 131.253.33.215/32, 132.245.0.0/16, 150.171.32.0/22, 204.79.197.215/32, 2603:1006::/40, 2603:1016::/36, 2603:1026::/36, 2603:1036::/36, 2603:1046::/36, 2603:1056::/36, 2620:1ec:4::152/128, 2620:1ec:4::153/128, 2620:1ec:c::10/128, 2620:1ec:c::11/128, 2620:1ec:d::10/128, 2620:1ec:d::11/128, 2620:1ec:8f0::/46, 2620:1ec:900::/46, 2620:1ec:a92::152/128, 2620:1ec:a92::153/128` | **TCP:** 443, 80<BR>**UDP:** 443
-2 | Allow<BR>Optional<BR>**Notes:** POP3, IMAP4, SMTP Client traffic | Yes | `*.outlook.office.com, outlook.office365.com, smtp.office365.com`<BR>`13.107.6.152/31, 13.107.18.10/31, 13.107.128.0/22, 23.103.160.0/20, 40.96.0.0/13, 40.104.0.0/15, 52.96.0.0/14, 131.253.33.215/32, 132.245.0.0/16, 150.171.32.0/22, 204.79.197.215/32, 2603:1006::/40, 2603:1016::/36, 2603:1026::/36, 2603:1036::/36, 2603:1046::/36, 2603:1056::/36, 2620:1ec:4::152/128, 2620:1ec:4::153/128, 2620:1ec:c::10/128, 2620:1ec:c::11/128, 2620:1ec:d::10/128, 2620:1ec:d::11/128, 2620:1ec:8f0::/46, 2620:1ec:900::/46, 2620:1ec:a92::152/128, 2620:1ec:a92::153/128` | **TCP:** 587, 993, 995, 143
+2 | Allow<BR>Optional<BR>**Notes:** POP3, IMAP4, SMTP Client traffic | Yes | `outlook.office365.com, smtp.office365.com`<BR>`13.107.6.152/31, 13.107.18.10/31, 13.107.128.0/22, 23.103.160.0/20, 40.96.0.0/13, 40.104.0.0/15, 52.96.0.0/14, 131.253.33.215/32, 132.245.0.0/16, 150.171.32.0/22, 204.79.197.215/32, 2603:1006::/40, 2603:1016::/36, 2603:1026::/36, 2603:1036::/36, 2603:1046::/36, 2603:1056::/36, 2620:1ec:4::152/128, 2620:1ec:4::153/128, 2620:1ec:c::10/128, 2620:1ec:c::11/128, 2620:1ec:d::10/128, 2620:1ec:d::11/128, 2620:1ec:8f0::/46, 2620:1ec:900::/46, 2620:1ec:a92::152/128, 2620:1ec:a92::153/128` | **TCP:** 587, 993, 995, 143
8 | Default<BR>Required | No | `*.outlook.com, autodiscover.<tenant>.onmicrosoft.com` | **TCP:** 443, 80 9 | Allow<BR>Required | Yes | `*.protection.outlook.com`<BR>`40.92.0.0/15, 40.107.0.0/16, 52.100.0.0/14, 52.238.78.88/32, 104.47.0.0/17, 2a01:111:f400::/48, 2a01:111:f403::/48` | **TCP:** 443 10 | Allow<BR>Required | Yes | `*.mail.protection.outlook.com`<BR>`40.92.0.0/15, 40.107.0.0/16, 52.100.0.0/14, 104.47.0.0/17, 2a01:111:f400::/48, 2a01:111:f403::/48` | **TCP:** 25-
-## SharePoint Online and OneDrive for Business
+
+## SharePoint Online and OneDrive for Business
ID | Category | ER | Addresses | Ports -- | -- | | -- | -
ID | Category | ER | Addresses | Ports
36 | Default<BR>Required | No | `g.live.com, oneclient.sfx.ms` | **TCP:** 443, 80 37 | Default<BR>Required | No | `*.sharepointonline.com, spoprod-a.akamaihd.net` | **TCP:** 443, 80 39 | Default<BR>Required | No | `*.svc.ms` | **TCP:** 443, 80-
-## Skype for Business Online and Microsoft Teams
+
+## Skype for Business Online and Microsoft Teams
ID | Category | ER | Addresses | Ports | - | | - | -
ID | Category | ER | Addresses | Ports
127 | Default<BR>Required | No | `*.skype.com` | **TCP:** 443, 80 167 | Default<BR>Required | No | `*.ecdn.microsoft.com` | **TCP:** 443 180 | Default<BR>Required | No | `compass-ssl.microsoft.com` | **TCP:** 443-
-## Microsoft 365 Common and Office Online
+
+## Microsoft 365 Common and Office Online
ID | Category | ER | Addresses | Ports | -- | | -- | -
ID | Category | ER | Addresses | Ports
72 | Default<BR>Optional<BR>**Notes:** Azure Rights Management (RMS) with Office 2010 clients | No | `*.cloudapp.net` | **TCP:** 443 73 | Default<BR>Required | No | `*.aadrm.com, *.azurerms.com, *.informationprotection.azure.com, ecn.dev.virtualearth.net, informationprotection.hosting.portal.azure.net` | **TCP:** 443 75 | Default<BR>Optional<BR>**Notes:** Graph.windows.net, Office 365 Management Pack for Operations Manager, SecureScore, Azure AD Device Registration, Forms, StaffHub, Application Insights, captcha services | No | `*.sharepointonline.com, dc.services.visualstudio.com, mem.gfx.ms, staffhub.ms` | **TCP:** 443
-78 | Default<BR>Optional<BR>**Notes:** Some Office 365 features require endpoints within these domains (including CDNs). Many specific FQDNs within these wildcards have been published recently as we work to either remove or better explain our guidance relating to these wildcards. | No | `*.microsoft.com, *.msocdn.com, *.onmicrosoft.com` | **TCP:** 443, 80
+78 | Default<BR>Optional<BR>**Notes:** Some Office 365 features require endpoints within these domains (including CDNs). Many specific FQDNs within these wildcards have been published recently as we work to either remove or better explain our guidance relating to these wildcards. | No | `*.azureedge.net, *.microsoft.com, *.msocdn.com, *.onmicrosoft.com` | **TCP:** 443, 80
79 | Default<BR>Required | No | `o15.officeredir.microsoft.com, officepreviewredir.microsoft.com, officeredir.microsoft.com, r.office.microsoft.com` | **TCP:** 443, 80 83 | Default<BR>Required | No | `activation.sls.microsoft.com` | **TCP:** 443 84 | Default<BR>Required | No | `crl.microsoft.com` | **TCP:** 443, 80 86 | Default<BR>Required | No | `office15client.microsoft.com, officeclient.microsoft.com` | **TCP:** 443 89 | Default<BR>Required | No | `go.microsoft.com` | **TCP:** 443, 80 91 | Default<BR>Required | No | `ajax.aspnetcdn.com, cdn.odc.officeapps.live.com` | **TCP:** 443, 80
-92 | Default<BR>Required | No | `officecdn.microsoft.com, officecdn.microsoft.com.edgesuite.net` | **TCP:** 443, 80
-93 | Default<BR>Optional<BR>**Notes:** ProPlus: auxiliary URLs | No | `*.virtualearth.net, c.bing.net, excelbingmap.firstpartyapps.oaspapps.com, ocos-office365-s2s.msedge.net, peoplegraph.firstpartyapps.oaspapps.com, tse1.mm.bing.net, wikipedia.firstpartyapps.oaspapps.com, www.bing.com` | **TCP:** 443, 80
+92 | Default<BR>Required | No | `officecdn.microsoft.com, officecdn.microsoft.com.edgesuite.net, otelrules.azureedge.net` | **TCP:** 443, 80
+93 | Default<BR>Optional<BR>**Notes:** ProPlus: auxiliary URLs | No | `*.virtualearth.net, c.bing.net, ocos-office365-s2s.msedge.net, tse1.mm.bing.net, www.bing.com` | **TCP:** 443, 80
95 | Default<BR>Optional<BR>**Notes:** Outlook for Android and iOS | No | `*.acompli.net, *.outlookmobile.com` | **TCP:** 443 96 | Default<BR>Optional<BR>**Notes:** Outlook for Android and iOS: Authentication | No | `login.windows-ppe.net` | **TCP:** 443 97 | Default<BR>Optional<BR>**Notes:** Outlook for Android and iOS: Consumer Outlook.com and OneDrive integration | No | `account.live.com, login.live.com` | **TCP:** 443 105 | Default<BR>Optional<BR>**Notes:** Outlook for Android and iOS: Outlook Privacy | No | `www.acompli.com` | **TCP:** 443
-114 | Default<BR>Optional<BR>**Notes:** Office Mobile URLs | No | `*.appex.bing.com, *.appex-rf.msn.com, c.bing.com, c.live.com, d.docs.live.net, directory.services.live.com, docs.live.net, partnerservices.getmicrosoftkey.com, signup.live.com` | **TCP:** 443, 80
+114 | Default<BR>Optional<BR>**Notes:** Office Mobile URLs | No | `*.appex.bing.com, *.appex-rf.msn.com, c.bing.com, c.live.com, d.docs.live.net, docs.live.net, partnerservices.getmicrosoftkey.com, signup.live.com` | **TCP:** 443, 80
116 | Default<BR>Optional<BR>**Notes:** Office for iPad URLs | No | `account.live.com, auth.gfx.ms, login.live.com` | **TCP:** 443, 80
-117 | Default<BR>Optional<BR>**Notes:** Viva Engage | No | `*.yammer.com, *.yammerusercontent.com` | **TCP:** 443
-118 | Default<BR>Optional<BR>**Notes:** Viva Engage CDN | No | `*.assets-yammer.com` | **TCP:** 443
+117 | Default<BR>Optional<BR>**Notes:** Yammer | No | `*.yammer.com, *.yammerusercontent.com` | **TCP:** 443
+118 | Default<BR>Optional<BR>**Notes:** Yammer CDN | No | `*.assets-yammer.com` | **TCP:** 443
121 | Default<BR>Optional<BR>**Notes:** Planner: auxiliary URLs | No | `www.outlook.com` | **TCP:** 443, 80 122 | Default<BR>Optional<BR>**Notes:** Sway CDNs | No | `eus-www.sway-cdn.com, eus-www.sway-extensions.com, wus-www.sway-cdn.com, wus-www.sway-extensions.com` | **TCP:** 443 124 | Default<BR>Optional<BR>**Notes:** Sway | No | `sway.com, www.sway.com` | **TCP:** 443
ID | Category | ER | Addresses | Ports
158 | Default<BR>Required | No | `*.cortana.ai` | **TCP:** 443 159 | Default<BR>Required | No | `admin.microsoft.com` | **TCP:** 443, 80 160 | Default<BR>Required | No | `cdn.odc.officeapps.live.com, cdn.uci.officeapps.live.com` | **TCP:** 443, 80
-184 | Default<BR>Required | No | `*.cloud.microsoft, *.static.microsoft` | **TCP:** 443, 80
+184 | Default<BR>Required | No | `*.cloud.microsoft, *.static.microsoft, *.usercontent.microsoft` | **TCP:** 443, 80
security Get Agent Details https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/Get-agent-details.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Scan History By Definition https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/Get-scan-history-by-definition.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Scan History By Session https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/Get-scan-history-by-session.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Add A New Scan Definition https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/add-a-new-scan-definition.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Add Or Remove Machine Tags https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/add-or-remove-machine-tags.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Add Or Remove Multiple Machine Tags https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/add-or-remove-multiple-machine-tags.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/alerts.md
audience: ITPro
- m365-security - tier1-
+- must-keep
+ search.appverid: met150
security Api Explorer https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-explorer.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Api Hello World https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-hello-world.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Api Microsoft Flow https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-microsoft-flow.md
- tier3 - search.appverid: met150 Last updated 12/18/2020
security Api Power Bi https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-power-bi.md
audience: ITPro
- m365-security - tier3
+- must-keep
security Api Release Notes https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-release-notes.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150 Last updated 02/02/2021
security Apis Intro https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/apis-intro.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Attack Surface Reduction Rules Deployment Test https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment-test.md
ms.localizationpriority: medium audience: ITPro-+
security Attack Surface Reduction Rules Report https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-report.md
Last updated 03/27/2023
search.appverid: met150
-<!-- v-jweston/jweston-1 is scheduled to resume authorship Apr/May 2023.-->
- # Attack surface reduction (ASR) rules report **Applies to:**
security Attack Surface Reduction https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction.md
ms.pagetype: security ms.localizationpriority: medium audience: ITPro-+
security Automation Levels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/automation-levels.md
Automated investigation and remediation (AIR) capabilities in Microsoft Defender
- You can keep your default automation settings, or change them according to your organizational needs. To change your settings, [set your level of automation](/microsoft-365/security/defender-endpoint/configure-automated-investigations-remediation#set-up-device-groups).
+> [!NOTE]
+> [Defender for Business](../defender-business/mdb-overview.md) depends on real-time protection for automatic investigation. Real-time protection must be enabled and in active mode to enable automatic investigation.
+ ## Next steps - [Configure automated investigation and remediation capabilities in Defender for Endpoint](configure-automated-investigations-remediation.md)
security Batch Delete Ti Indicators https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/batch-delete-ti-indicators.md
+
+ Title: Batch Delete Indicators API
+description: Learn how to use the Batch Delete Indicators API to delete indicator entities by ID in Microsoft Defender for Endpoint.
+keywords: apis, public api, supported apis, delete, ti indicator, entity, id
++++
+ms.localizationpriority: medium
++
+- m365-security
+- tier3
+- must-keep
++
+search.appverid: met150
Last updated : 07/31/2023++
+# Batch Delete Indicators
++
+**Applies to:**
+- [Microsoft Defender for Endpoint Plan 1](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink)
++++
+## API description
+
+Deletes [Indicator](ti-indicator.md) entities by ID.
+
+## Limitations
+
+Rate limitations for this API are 30 calls per minute and 1500 calls per hour.
+
+Batch size limit of up to 500 [Indicator](ti-indicator.md) IDs.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Get started](apis-intro.md)
+
+Permission type | Permission | Permission display name
+:|:|:
+Application | Ti.ReadWrite | 'Read and write TI Indicators'
+Application | Ti.ReadWrite.All | 'Read and write Indicators'
+
+## HTTP request
+
+```http
+POST https://api.securitycenter.microsoft.com/api/indicators/BatchDelete
+```
++
+## Request headers
+
+Name|Type|Description
+:|:|:
+Authorization | String | Bearer {token}. **Required**.
+
+## Request body
+
+In the request body, supply a JSON object with the following parameters:
+
+|Parameter|Type|Description|
+|:|:|:|
+|IndicatorIds|List *String* |A list of the IDs of the indicators to be removed. **Required**|
+
+## Response
+
+If Indicators all existed and were deleted successfully - 204 OK without content
+
+if indicator IDs list is empty or exceeds size limit - 400 Bad Request
+
+if any indicator ID is invalid - 400 Bad Request
+
+if requestor is not exposed to any indicator's device groups - 403 Forbidden
+
+If any Indicator ID was not found - 404 Not Found
+
+## Example
+
+### Request
+
+Here's an example of the request.
+
+```http
+POST https://api.securitycenter.microsoft.com/api/indicators/BatchDelete
+```
++
+```json
+{
+ "IndicatorIds": [ "1", "2", "5" ]
+}
+```
+
security Batch Update Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/batch-update-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150 Last updated 03/15/2021
security Cancel Machine Action https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/cancel-machine-action.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ Last updated 06/03/2021
security Collect Investigation Package https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/collect-investigation-package.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Common Errors https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/common-errors.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Create Alert By Reference https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/create-alert-by-reference.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Delete Library https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/delete-library.md
audience: ITPro - m365-security-- tier2
+- tier3
+- must-keep
security Delete Ti Indicator By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/delete-ti-indicator-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Device Health Api Methods Properties https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-health-api-methods-properties.md
audience: ITPro - m365-security
+ - must-keep
- tier3-+ search.appverid: met150
security Device Health Export Antivirus Health Report Api https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-health-export-antivirus-health-report-api.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
-<!-- v-jweston/jweston-1 is scheduled to resume authorship Apr/May 2023.-->
- # Export device antivirus health report [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
security Device Health Sensor Health Os https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-health-sensor-health-os.md
-<!-- v-jweston/jweston-1 is scheduled to resume authorship Apr/May 2023.-->
- # Device health, Sensor health & OS report **Applies to:**
security Export Certificate Inventory Assessment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/export-certificate-inventory-assessment.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Export Firmware Hardware Assessment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/export-firmware-hardware-assessment.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Export Security Baseline Assessment https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/export-security-baseline-assessment.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Exposed Apis Create App Nativeapp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-create-app-nativeapp.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Exposed Apis Create App Partners https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-create-app-partners.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Exposed Apis Create App Webapp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-create-app-webapp.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Exposed Apis Full Sample Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-full-sample-powershell.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ Last updated 01/25/2023
security Exposed Apis List https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-list.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Exposed Apis Odata Samples https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-odata-samples.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Fetch Alerts Mssp https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/fetch-alerts-mssp.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/files.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Find Machine Info By Ip https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/find-machine-info-by-ip.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Find Machines By Ip https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/find-machines-by-ip.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Find Machines By Tag https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/find-machines-by-tag.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Info By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-info-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Related Domain Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-related-domain-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Related Files Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-related-files-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Related Ip Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-related-ip-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Related Machine Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-related-machine-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alert Related User Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alert-related-user-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get All Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-all-recommendations.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get All Scan Agents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-all-scan-agents.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get All Scan Definitions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-all-scan-definitions.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get All Vulnerabilities By Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-all-vulnerabilities-by-machines.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get All Vulnerabilities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-all-vulnerabilities.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Browser Extensions https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-browser-extensions.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Information Gathering https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-information-gathering.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Methods Properties https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-methods-properties.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Non Cpe Software Inventory https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-non-cpe-software-inventory.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Secure Config https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-secure-config.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Assessment Software Inventory https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-software-inventory.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150 Last updated 06/04/2021
-<!-- v-jweston/jweston-1 is scheduled to resume authorship Apr/May 2023.-->
- # Export software inventory assessment per device [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
security Get Assessment Software Vulnerabilities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-software-vulnerabilities.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Authenticated Scan Properties https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-authenticated-scan-properties.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Browser Extensions Permission Info https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-browser-extensions-permission-info.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Device Secure Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-device-secure-score.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Discovered Vulnerabilities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-discovered-vulnerabilities.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Domain Related Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-domain-related-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Domain Related Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-domain-related-machines.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Domain Statistics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-domain-statistics.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Exposure Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-exposure-score.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get File Information https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-file-information.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get File Related Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-file-related-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get File Related Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-file-related-machines.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get File Statistics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-file-statistics.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Installed Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-installed-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Investigation Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-investigation-collection.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Investigation Object https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-investigation-object.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Ip Related Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-ip-related-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Ip Statistics https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-ip-statistics.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Live Response Result https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-live-response-result.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ Last updated 06/03/2021
security Get Machine By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machine-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machine Group Exposure Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machine-group-exposure-score.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machine Log On Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machine-log-on-users.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machine Related Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machine-related-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machineaction Object https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machineaction-object.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machineactions Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machineactions-collection.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machines By Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machines-by-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machines By Vulnerability https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machines-by-vulnerability.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-machines.md
ms.localizationpriority: medium audience: ITPro-+ - m365-security - tier3
+- must-keep
search.appverid: met150
security Get Missing Kbs Machine https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-missing-kbs-machine.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Missing Kbs Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-missing-kbs-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Package Sas Uri https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-package-sas-uri.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Recommendation By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-recommendation-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Recommendation Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-recommendation-machines.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Recommendation Vulnerabilities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-recommendation-vulnerabilities.md
audience: ITPro
- m365-security - tier3 -
+- must-keep
+ search.appverid: met150
security Get Remediation All Activities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-remediation-all-activities.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Remediation Exposed Devices Activities https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-remediation-exposed-devices-activities.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Remediation Methods Properties https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-remediation-methods-properties.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Remediation One Activity https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-remediation-one-activity.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Security Baselines Assessment Configurations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-security-baselines-assessment-configurations.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Security Baselines Assessment Profiles https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-security-baselines-assessment-profiles.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Security Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-security-recommendations.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Software By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-software-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Software Ver Distribution https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-software-ver-distribution.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Ti Indicators Collection https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-ti-indicators-collection.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get User Related Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-user-related-alerts.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get User Related Machines https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-user-related-machines.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Vuln By Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-vuln-by-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Get Vulnerability By Id https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-vulnerability-by-id.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Import Ti Indicators https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/import-ti-indicators.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Initiate Autoir Investigation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/initiate-autoir-investigation.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Investigation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/investigation.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Isolate Machine https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/isolate-machine.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security List Library Files https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/list-library-files.md
audience: ITPro
- m365-security - tier3
+- must-keep
security List Recommendation Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/list-recommendation-software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Machine https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/machine.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Management Apis https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/management-apis.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Network Protection Linux https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/network-protection-linux.md
search.appverid: met150
Last updated 02/17/2023
-<!--v-jweston/jweston-1 is to resume authorship appx. April/May 2023.-->
- # Network protection for Linux [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
security Offboard Machine Api https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/offboard-machine-api.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Post Ti Indicator https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/post-ti-indicator.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Raw Data Export Event Hub https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/raw-data-export-event-hub.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Raw Data Export Storage https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/raw-data-export-storage.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Raw Data Export https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/raw-data-export.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Recommendation https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/recommendation.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Restrict Code Execution https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/restrict-code-execution.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Run Advanced Query Api https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-api.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Run Advanced Query Sample Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-sample-powershell.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Run Advanced Query Sample Python https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-sample-python.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Run Av Scan https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-av-scan.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Run Live Response https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-live-response.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ Last updated 04/18/2023
security Score https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/score.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Set Device Value https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/set-device-value.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Software https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/software.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Stop And Quarantine File https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/stop-and-quarantine-file.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Ti Indicator https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ti-indicator.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Unisolate Machine https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/unisolate-machine.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Unrestrict Code Execution https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/unrestrict-code-execution.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Update Alert https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/update-alert.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Update Machine Method https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/update-machine-method.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Upload Library https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/upload-library.md
audience: ITPro
- m365-security - tier2
+- must-keep
security User https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/user.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Vulnerability https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/vulnerability.md
audience: ITPro
- m365-security - tier3-
+- must-keep
+ search.appverid: met150
security Api Access https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-access.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Advanced Hunting https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-advanced-hunting.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Articles https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-articles.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Create App User Context https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-create-app-user-context.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Create App Web https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-create-app-web.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Error Codes https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-error-codes.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Get Incident https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-get-incident.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: met150 Last updated 02/08/2023
security Api Hello World https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-hello-world.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Incident https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-incident.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api List Incidents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-list-incidents.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-overview.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Partner Access https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-partner-access.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Supported https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-supported.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Api Update Incidents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/api-update-incidents.md
audience: ITPro
- m365-security - tier3-
+ - must-keep
+ search.appverid: - MOE150 - MET150
security Data Privacy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/data-privacy.md
Customer data in pseudonymized form might also be stored in central storage and
For more information on the data storage and privacy information of the specific products, see: - [Microsoft Defender for Endpoint data storage and privacy](/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy) - [Microsoft Defender for Cloud Apps data security and privacy](/cloud-app-security/cas-compliance-trust)
+- [Microsoft Defender for Identity data security and privacy](/defender-for-identity/privacy-compliance)
- [Microsoft 365 privacy, security, and transparency](/office365/servicedescriptions/office-365-platform-service-description/privacy-security-and-transparency#advanced-threat-protection) [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/defender-m3d-techcommunity.md)]
security Fetch Incidents https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/fetch-incidents.md
audience: ITPro
- m65-security-compliance - tier3-
+- must-keep
+ Last updated 10/25/2021
security Anti Spam Policies Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-policies-configure.md
You can configure anti-spam policies in the Microsoft 365 Defender portal or in
- **Contains specific languages**: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a language in the box. A filtered list of supported languages appears. When you find the language that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="../../media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
- - **From these countries***: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a country in the box. A filtered list of supported countries/regions appears. When you find the country that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="../../media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
+ - **From these countries***: Select **On** or **Off** from the dropdown list. If you turn it on, a box appears. Start typing the name of a country/region in the box. A filtered list of supported countries/regions appears. When you find the country/region that you're looking for, select it. Repeat this step as many times as necessary. To remove an existing value, select :::image type="icon" source="../../media/m365-cc-sc-remove-selection-icon.png" border="false"::: next to the value.
When you're finished on the **Bulk email threshold & spam properties** page, select **Next**.
security Mdo Email Entity Page https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-email-entity-page.md
f1.keywords:
Previously updated : 6/15/2023 Last updated : 7/31/2023 audience: ITPro
- tier1 - highpri
-description: Microsoft Defender for Office 365 E5 and P1 and P2 customers can see email details in all Microsoft Defender for Office 365 experiences including the email headers for copy, Detection details, Threats detected, Latest and Original delivery locations, Delivery actions, and IDs like Alert Id, Network Message ID and more.
+description: Microsoft 365 E5 and Microsoft Defender for Office 365 Plan 1 and Plan 2 customers can see email details in all Microsoft Defender for Office 365 experiences including the email headers for copy, Detection details, Threats detected, Latest and Original delivery locations, Delivery actions, and IDs like Alert Id, Network Message ID and more.
search.appverid: met150 appliesto: - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview#microsoft-defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 plan 1 and plan 2</a>
appliesto:
[!INCLUDE [MDO Trial banner](../includes/mdo-trial-banner.md)]
-Admins of Microsoft Defender for Office 365 E5, and Defender for Office P1 and P2 have a 360-degree view of email using the **Email entity page**. This go-to email page was created to enhance information delivered throughout Microsoft Defender for Office 365 and Microsoft 365 Defender.
+Admins of Microsoft 365 E5, and Microsoft Defender for Office 365 Plan 1 and and Plan 2 have a 360-degree view of email using the **Email entity page**. This go-to email page was created to enhance information delivered throughout Microsoft Defender for Office 365 and Microsoft 365 Defender.
See email details in the experiences below, including [previewing and downloading the email](#email-preview-and-download-for-cloud-mailboxes), the email headers *with the option to copy*, Detection details, Threats detected, Latest and Original delivery locations, Delivery actions, and IDs like Alert ID, Network Message ID and more.
security Priority Accounts Security Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/priority-accounts-security-recommendations.md
description: Admins can learn how to elevate the security settings and use reports, alerts, and investigations for priority accounts in their Microsoft 365 organizations. Previously updated : 6/19/2023 Last updated : 7/31/2023 appliesto: - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview#microsoft-defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 plan 1 and plan 2</a> - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/defender/microsoft-365-defender" target="_blank">Microsoft 365 Defender</a>
After you secure and tag your priority users, you can use the available reports,
|Incidents|The user tags for all correlated alerts are visible on the **Incidents** page in the Microsoft 365 Defender portal. For more information, see [Manage incidents and alerts](mdo-sec-ops-manage-incidents-and-alerts.md).| |Custom alert policies|You can create alert policies based on user tags in the Microsoft 365 Defender portal. For more information, see [Alert policies in Microsoft 365](../../compliance/alert-policies.md).| |Explorer <p> Real-time detections|In **Explorer** (Defender for Office 365 Plan 2) or **Real-time detections** (Defender for Office 365 Plan 1), user tags are visible in the Email grid view and the Email details flyout. User tags are also available as a filterable property. For more information, see [Tags in Explorer](threat-explorer-about.md#tags-in-threat-explorer).|
-|Email entity page|You can filter emails based on applied user tags in Microsoft Defender for Office 365 E5, and Defender for Office P1 and P2. For more information, see [Email entity page](mdo-email-entity-page.md).|
+|Email entity page|You can filter email based on applied user tags in Microsoft 365 E5 and in Defender for Office 365 Plan 1 and Plan 2. For more information, see [Email entity page](mdo-email-entity-page.md).|
|Campaign Views|User tags are one of many filterable properties in Campaign Views in Microsoft Defender for Office 365 Plan 2. For more information, see [Campaign Views](campaigns.md).| |Threat protection status report|In virtually all of the views and detail tables in the **Threat protection status report**, you can filter the results by **priority accounts**. For more information, see [Threat protection status report](reports-email-security.md#threat-protection-status-report).| |Top senders and recipients report|You can add this user tag to the top 20 message senders in your organization. For more information, see [Top senders and recipients report](reports-email-security.md#top-senders-and-recipients-report).|
security Try Microsoft Defender For Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365.md
ROBOTS: Previously updated : 7/12/2023 Last updated : 7/31/2023 # Try Microsoft Defender for Office 365
This article helps you answer those questions so you can try Defender for Office
For a companion guide for how to use your trial, see [Trial User Guide: Microsoft Defender for Office 365](trial-user-guide-defender-for-office-365.md).
+> [!NOTE]
+> Trials and evaluations of Defender for Office 365 aren't available in U.S. Government organizations (Microsoft 365 GCC, GCC High, and DoD) or Microsoft 365 Education organizations.
+ ## Overview of Defender for Office 365 Defender for Office 365 helps organizations secure their enterprise by offering a comprehensive slate of capabilities. For more information, see [Microsoft Defender for Office 365](defender-for-office-365.md).
security Zero Hour Auto Purge https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/zero-hour-auto-purge.md
description: Zero-hour auto purge (ZAP) moves delivered messages in Microsoft 365 mailboxes to the Junk Email folder or quarantine if those messages are retroactively found to be spam, phishing, or contain malware. Previously updated : 7/19/2023 Last updated : 7/31/2023 appliesto: - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/office-365-security/eop-about" target="_blank">Exchange Online Protection</a> - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview#microsoft-defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 plan 1 and plan 2</a>
ZAP doesn't quarantine messages that are in the process of [Dynamic Delivery](sa
## Zero-hour auto purge (ZAP) in Microsoft Teams > [!NOTE]
-> ZAP for Microsoft Teams is available only to customers with Microsoft Defender for Office 365 E5 and Defender for Office P2 subscriptions.
+> ZAP for Microsoft Teams is available only to customers with Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2 subscriptions.
> > Currently, ZAP is available for internal messages that are identified as malware or high confidence phishing. >
syntex Duplicate A Model https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/duplicate-a-model.md
audience: admin Previously updated : 10/18/2022 Last updated : 07/31/2023 search.appverid:
syntex Syntex Pay As You Go Services https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-pay-as-you-go-services.md
When you use Microsoft Syntex [pay-as-you-go](syntex-azure-billing.md), services
|:-|:--|:-| |Prebuilt document processing|The number of pages processed for PDF or image files. Each of these counts as one transaction. You won't be charged for model training. You'll be charged for processing whether or not there's a positive classification, or any entities extracted.<br><br>Processing occurs on document upload and on subsequent updates. Processing is counted for each model applied. For example, if you have two models applied to a library and you upload or update a five-page document in that library, the total pages processed is 10.|$0.01/transaction| |Unstructured document processing|The number of pages processed for Word, PDF, or TIFF files; the number of sheets for Excel files; the number of slides for PowerPoint files; or the number of files for other file types. Each of these counts as one transaction. You won't be charged for model training. You'll be charged for processing whether or not there's a positive classification, or any entities extracted.<br><br>Processing occurs on document upload and on subsequent updates. Processing is counted for each model applied. For example, if you have two models applied to a library and you upload or update a five-page document in that library, the total pages processed is 10.|$0.05/transaction|
-|Image tagging |The number of images processed. Each processed image counts as one transaction. You wonΓÇÖt be charged if you only enable pay-as-you-go billing for image tagging. You'll be charged only when you [enable image tagging on a document library](image-tagging.md). |$0.001/image |
+|Image tagging |The number of images processed. Each processed image counts as one transaction. You wonΓÇÖt be charged if you only enable pay-as-you-go billing for image tagging. You'll be charged only when you [enable image tagging on a document library](image-tagging.md). |$0.001/transaction |
|Optical character recognition |The number of pages processed for images (JPEG, JPG, PNG, or BMP); the number of pages processed for PDF, TIF, or TIFF; or the number of embedded images in Teams chats and email messages. Each of these counts as one transaction. Processing occurs every time the file is edited. |$0.001/transaction| ## Related articles