Docs update tracker

Updates from: 09/05/2023 03:17:56

Category	Microsoft Docs article	Related commit history on GitHub	Change details
includes	Microsoft 365 Content Updates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md	+## Week of August 28, 2023 ++ +\| Published On \|Topic title \| Change \| +\|\|\|--\| +\| 8/28/2023 \| [Add more SharePoint storage to your subscription](/microsoft-365/commerce/add-storage-space?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Buy and manage add-ons in the Microsoft 365 admin center](/microsoft-365/commerce/buy-or-edit-an-add-on?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Allow cookies for LMS URLs in your browser](/microsoft-365/lti/browser-cookies?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Block potentially unwanted applications with Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Manage how and where Microsoft Defender Antivirus receives updates](/microsoft-365/security/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Microsoft Defender Antivirus in the Windows Security app](/microsoft-365/security/defender-endpoint/microsoft-defender-security-center-antivirus?view=o365-worldwide) \| modified \| +\| 8/28/2023 \| [Restore quarantined files in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/restore-quarantined-files-microsoft-defender-antivirus?view=o365-worldwide) \| modified \| +\| 8/29/2023 \| [FAQs related to Microsoft Defender Experts for XDR incident notifications](/microsoft-365/security/defender/faq-incident-notifications-xdr?view=o365-worldwide) \| added \| +\| 8/29/2023 \| [List of fixed customer reported inaccuracies](/microsoft-365/security/defender-vulnerability-management/fixed-reported-inaccuracies?view=o365-worldwide) \| modified \| +\| 8/29/2023 \| [How to use the Microsoft Defender Experts for XDR service](/microsoft-365/security/defender/start-using-mdex-xdr?view=o365-worldwide) \| modified \| +\| 8/29/2023 \| [Overview of content processing in Microsoft Syntex](/microsoft-365/syntex/content-processing-overview) \| modified \| +\| 8/29/2023 \| [Understanding overrides within the email entity page in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/step-by-step-guides/understand-overrides-in-email-entity?view=o365-worldwide) \| added \| +\| 8/29/2023 \| [Microsoft Syntex Optical Character Recognition (ΓÇ£OCRΓÇ¥) Feature Preview Agreement](/microsoft-365/syntex/ocr-preview-terms) \| added \| +\| 8/29/2023 \| Privacy and security in Basic Mobility and Security \| removed \| +\| 8/29/2023 \| Quick help Deleted users checklist \| removed \| +\| 8/29/2023 \| Conformance metadata for Message Center posts \| removed \| +\| 8/29/2023 \| Add a marketing campaign ID to a Bookings page URL \| removed \| +\| 8/29/2023 \| [Customize and publish your booking page](/microsoft-365/bookings/customize-booking-page?view=o365-worldwide) \| modified \| +\| 8/29/2023 \| Language translation for Service health dashboard \| removed \| +\| 8/29/2023 \| [How to check Microsoft 365 service health](/microsoft-365/enterprise/view-service-health?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Troubleshoot system extension issues for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-support-sys-ext?view=o365-worldwide) \| added \| +\| 8/30/2023 \| [Manage profiles and approve extensions using Intune](/microsoft-365/security/defender-endpoint/manage-profiles-approve-sys-extensions-intune?view=o365-worldwide) \| added \| +\| 8/30/2023 \| [Manage system extensions using the manual methods of deployment](/microsoft-365/security/defender-endpoint/manage-sys-extensions-manual-deployment?view=o365-worldwide) \| added \| +\| 8/30/2023 \| [Manage system extensions using other MDM solutions](/microsoft-365/security/defender-endpoint/manage-sys-extensions-other-mdm?view=o365-worldwide) \| added \| +\| 8/30/2023 \| [Manage system extensions using JamF](/microsoft-365/security/defender-endpoint/manage-sys-extensions-using-jamf?view=o365-worldwide) \| added \| +\| 8/30/2023 \| [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Microsoft Defender Antivirus updates - Previous versions for technical upgrade support](/microsoft-365/security/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection-about?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Determine if Centralized Deployment of add-ins works for your organization](/microsoft-365/admin/manage/centralized-deployment-of-add-ins?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Deploy add-ins in the admin center](/microsoft-365/admin/manage/manage-deployment-of-add-ins?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Use network protection to help prevent Linux connections to bad sites](/microsoft-365/security/defender-endpoint/network-protection-linux?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Enable the Report Message or the Report Phishing add-ins](/microsoft-365/security/office-365-security/submissions-users-report-message-add-in-configure?view=o365-worldwide) \| modified \| +\| 8/30/2023 \| [Quarantined email messages](/microsoft-365/security/office-365-security/quarantine-about?view=o365-worldwide) \| modified \| +\| 8/31/2023 \| [Overview of taxonomy tagging in Microsoft Syntex](/microsoft-365/syntex/taxonomy-tagging-overview) \| added \| +\| 8/31/2023 \| [Set up and manage taxonomy tagging in Microsoft Syntex](/microsoft-365/syntex/taxonomy-tagging-setup) \| added \| +\| 8/31/2023 \| [Find and manage terms using taxonomy tagging in Microsoft Syntex](/microsoft-365/syntex/taxonomy-tagging) \| added \| +\| 8/31/2023 \| [Microsoft 365 data locations](/microsoft-365/enterprise/o365-data-locations?view=o365-worldwide) \| modified \| +\| 8/31/2023 \| [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) \| modified \| +\| 8/31/2023 \| [Test Base FAQ](/microsoft-365/test-base/faq?view=o365-worldwide) \| modified \| +\| 8/31/2023 \| [Functional testing on Test Base](/microsoft-365/test-base/functional?view=o365-worldwide) \| modified \| +\| 8/31/2023 \| [Close your Microsoft business account](/microsoft-365/commerce/close-your-account?view=o365-worldwide) \| modified \| +\| 9/1/2023 \| Scheduler for Microsoft 365 # < 60 chars \| removed \| +\| 9/1/2023 \| [Onboard Windows devices using a local script](/microsoft-365/security/defender-endpoint/configure-endpoints-script?view=o365-worldwide) \| modified \| +\| 9/1/2023 \| [Use the Microsoft 365 admin center to manage your Shifts connection to Blue Yonder Workforce Management (Preview)](/microsoft-365/frontline/shifts-connector-blue-yonder-admin-center-manage?view=o365-worldwide) \| modified \| +\| 9/1/2023 \| [Use the Microsoft 365 admin center to manage your Shifts connection to UKG Dimensions (Preview)](/microsoft-365/frontline/shifts-connector-ukg-admin-center-manage?view=o365-worldwide) \| modified \| +\| 9/1/2023 \| [Anti-malware protection](/microsoft-365/security/office-365-security/anti-malware-protection-about?view=o365-worldwide) \| modified \| ++ ## Week of August 21, 2023 \| 8/4/2023 \| [Step 2. Protect your Microsoft 365 privileged accounts](/microsoft-365/enterprise/protect-your-global-administrator-accounts?view=o365-worldwide) \| modified \| \| 8/4/2023 \| [Deploy frontline dynamic teams at scale](/microsoft-365/frontline/deploy-dynamic-teams-at-scale?view=o365-worldwide) \| modified \| \| 8/4/2023 \| [Create a B2B extranet with managed guests](/microsoft-365/solutions/b2b-extranet?view=o365-worldwide) \| modified \|-- -## Week of July 24, 2023 -- -\| Published On \|Topic title \| Change \| -\|\|\|--\| -\| 7/24/2023 \| [Manage auto-claim policies in the Microsoft 365 admin center](/microsoft-365/commerce/licenses/manage-auto-claim-policies?view=o365-worldwide) \| modified \| -\| 7/24/2023 \| [Collaborate with guests from other Microsoft 365 cloud environments](/microsoft-365/solutions/collaborate-guests-cross-cloud?view=o365-worldwide) \| added \| -\| 7/24/2023 \| [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) \| modified \| -\| 7/25/2023 \| [Use the streaming API (preview) with Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-streaming-api?view=o365-worldwide) \| added \| -\| 7/25/2023 \| [Manage schedule owners for shift management](/microsoft-365/frontline/schedule-owner-for-shift-management?view=o365-worldwide) \| modified \| -\| 7/25/2023 \| Identify Defender for Endpoint architecture and deployment method \| removed \| -\| 7/25/2023 \| [Resources for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-resources?view=o365-worldwide) \| modified \| -\| 7/26/2023 \| [What's new in Microsoft Defender for Endpoint on Linux](/microsoft-365/security/defender-endpoint/linux-whatsnew?view=o365-worldwide) \| modified \| -\| 7/26/2023 \| [Hide the Microsoft Defender Antivirus interface](/microsoft-365/security/defender-endpoint/prevent-end-user-interaction-microsoft-defender-antivirus?view=o365-worldwide) \| modified \| -\| 7/26/2023 \| [Overview of Syntex File Q&A for Copilot (Preview)](/microsoft-365/syntex/copilot-syntex) \| modified \| -\| 7/26/2023 \| [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide) \| modified \| -\| 7/26/2023 \| [Deploy frontline dynamic teams at scale](/microsoft-365/frontline/deploy-dynamic-teams-at-scale?view=o365-worldwide) \| modified \| -\| 7/26/2023 \| [User reported message settings in Teams](/microsoft-365/security/office-365-security/submissions-teams?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Overview of image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging-overview) \| added \| -\| 7/27/2023 \| [Set up and manage image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging-setup) \| added \| -\| 7/27/2023 \| [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Hardware and firmware assessment methods and properties per device](/microsoft-365/security/defender-endpoint/export-firmware-hardware-assessment?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Compare Microsoft Defender Vulnerability Management plans and capabilities](/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management-capabilities?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Find and manage images using image tagging in Microsoft Syntex](/microsoft-365/syntex/image-tagging) \| modified \| -\| 7/27/2023 \| [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) \| modified \| -\| 7/27/2023 \| [Run the client analyzer on macOS or Linux](/microsoft-365/security/defender-endpoint/run-analyzer-macos-linux?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Configure spam filter policies](/microsoft-365/security/office-365-security/anti-spam-policies-configure?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Zero-hour auto purge in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/zero-hour-auto-purge?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [Create your collaboration governance plan](/microsoft-365/solutions/collaboration-governance-first?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [A collaboration governance framework for Microsoft 365](/microsoft-365/solutions/collaboration-governance-overview?view=o365-worldwide) \| modified \| -\| 7/27/2023 \| [SharePoint and Microsoft 365 Groups integration (IT Admins)](/microsoft-365/solutions/groups-sharepoint-governance?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| [Identify Defender for Endpoint architecture and deployment method](/microsoft-365/security/defender-endpoint/deployment-strategy?view=o365-worldwide) \| added \| -\| 7/28/2023 \| [Overview of Microsoft Syntex](/microsoft-365/syntex/syntex-overview) \| modified \| -\| 7/28/2023 \| [Partner applications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/partner-applications?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| [Troubleshoot problems with attack surface reduction rules](/microsoft-365/security/defender-endpoint/troubleshoot-asr?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| Software developer resources \| removed \| -\| 7/28/2023 \| [Microsoft 365 Groups and Microsoft Teams naming policy](/microsoft-365/solutions/groups-naming-policy?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| Groups services interactions \| removed \| -\| 7/28/2023 \| [Microsoft Teams, SharePoint, and Microsoft 365 Groups integration (IT Admins)](/microsoft-365/solutions/groups-sharepoint-teams-governance?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| [Governing access in Microsoft 365 groups, Teams, and SharePoint](/microsoft-365/solutions/groups-teams-access-governance?view=o365-worldwide) \| modified \| -\| 7/28/2023 \| Communications governance for collaboration scenarios \| removed \| -\| 7/28/2023 \| Compliance options for Microsoft 365 groups, Teams, and SharePoint collaboration \| removed \| -\| 7/28/2023 \| [Plan organization and lifecycle governance for Microsoft 365 groups and Microsoft Teams](/microsoft-365/solutions/plan-organization-lifecycle-governance?view=o365-worldwide) \| modified \|
security	Compare Rbac Roles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/compare-rbac-roles.md	Use the tables in the following sections to learn more about how your existing i \|Defender Vulnerability management ΓÇô Manage security baselines assessment profiles\|Security posture \ posture management \ Security baselines assessment (manage)\| \|Live response capabilities\|Security operations \ Basic live response (manage)\| \|Live response capabilities - advanced\|Security operations \ Advanced live response (manage) </br> Security operations \ Security data \ File collection (manage)\| -\|Manage security settings in the Security Center\|Authorization and settings \ Security setting (All permissions)\| -\|Manage portal system settings\|Authorization and settings \ System setting (All permissions)\| +\|Manage security settings in the Security Center \| Authorization and settings \ Security settings \ Core security settings (manage) </br> Authorization and settings\Security settings \ Detection tuning (manage)\| +\|Manage portal system settings\|Authorization and settings \ System setting (Read and manage)\| \|Manage endpoint security settings in Microsoft Intune\|Not supported - this permission is managed in the Microsoft Intune admin center\| ### Map Defender for Office 365 (Exchange Online Protection) roles to the Microsoft 365 Defender Unified RBAC permissions \|Defender for Office (EOP) role group\|Microsoft 365 Defender Unified RBAC permission\| \|\|\|\| -\|Security reader\|Security operations \ Security data \Security data basics (read)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Authorization and settings \ Security setting (read) </br>Authorization and settings \ System setting (read)\| -\|Global reader\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Authorization and settings \ Security setting (read) </br>Authorization and settings \ System setting (read)\| -\|Security administrator\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Security data \ Alerts (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Security operations \ Security data \ Email quarantine (manage)</br>Authorization and settings \ Authorization (read) </br> Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System setting (All permissions)\| -\|Organization Management\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Security data \ Alerts (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read) </br>Security operations \ Security data \ Response (manage) </br>Security operations \ Security data \ Email advanced actions (manage)</br>Security operations \ Security data \ Email quarantine (manage)</br>Authorization and settings \ Authorization (All permissions) </br> Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System setting (All permissions)\| +\|Security reader\|Security operations \ Security data \Security data basics (read)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Authorization and settings \ Security settings \ Core security settings (read) </br>Authorization and settings \ System setting (read)\| +\|Global reader\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Authorization and settings \ Security settings \ Core security settings (read) </br>Authorization and settings \ System setting (read)\| +\|Security administrator\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Security data \ Alerts (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Security operations \ Security data \ Response (manage) </br>Security operations \ Security data \ Email quarantine (manage)</br>Authorization and settings \ Authorization (read) </br> Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System settings (Read and manage)\| +\|Organization Management\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Security data \ Alerts (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read) </br>Security operations \ Security data \ Response (manage) </br>Security operations \ Security data \ Email advanced actions (manage)</br>Security operations \ Security data \ Email quarantine (manage)</br>Authorization and settings \ Authorization (Read and manage) </br> Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System settings (Read and manage)\| \|View-Only Recipients\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)\| \|Preview\|Security operations\ Security operations \ Raw data (Email & collaboration) \ Email content (read)\| \|Search and Purge\|Security operations \ Security data \ Email advanced actions (manage)\| Use the tables in the following sections to learn more about how your existing i \|View-only Audit Logs\|Security operations \ Security data \ Security data basics (read)\| \|Audit Logs\|Security operations \ Security data \ Security data basics (read)\| \|Quarantine\|Security operations \ Security data \ Email quarantine (manage)\| -\|Role Management\|Authorization and settings \ Authorization (All permissions)\| +\|Role Management\|Authorization and settings \ Authorization (Read and manage)\| ### Map Microsoft Defender for Identity permissions to the Microsoft 365 Defender Unified RBAC permissions \|Defender for Identity permission\|Unified RBAC permission\| \|\|\|\| -\|MDI admin\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage)</br>Authorization and settings \ Authorization (All permissions) </br>Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System setting (All permissions)\| +\|MDI admin\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage)</br>Authorization and settings \ Authorization (Read and manage) </br>Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System settings (Read and manage)\| \|MDI user\|Security operations \ Security data \ Security data basics (read) </br>Security operations \ Security data \ Alerts (manage)</br>Authorization and settings \ Security setting (All permissions) </br>Authorization and settings \ System setting (read)\| -\|MDI viewer\|Security operations \ Security data \ Security data basics (read)</br>Authorization and settings \ Security setting (read) </br>Authorization and settings \ System setting (read)\| +\|MDI viewer\|Security operations \ Security data \ Security data basics (read)</br>Authorization and settings \ Security settings \ Core security settings (read) </br>Authorization and settings \ System setting (read)\| > [!NOTE] > Defender for Identity experiences will also adhere to permissions granted from [Microsoft Defender for Cloud Apps](https://security.microsoft.com/cloudapps/permissions/roles). For more information, see [Microsoft Defender for Identity role groups](https://go.microsoft.com/fwlink/?linkid=2202729). Use this table to learn about the permissions assigned by default for each workl \|AAD role\|Microsoft 365 Defender Unified RBAC assigned permissions for all workloads\|Microsoft 365 Defender Unified RBAC assigned permissions ΓÇô workload specific\| \|\|\|\|\| -\|Global administrator\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage) </br>Security operations \ Security data \ Response (manage)</br>Security posture \ Posture management \ Secure Score (read) </br> Security posture \ Posture management \ Secure Score (manage)</br>Authorization and settings \ Authorization \ (All permissions)</br>Authorization and settings \ Security settings \ (All permissions)</br>Authorization and settings \ System settings \ (All permissions) \|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security operations \ Basic live response (manage)</br>Security operations \ Advanced live response (manage) </br> Security operations \ Security data \ File collection (manage) </br>Security posture \ Posture management \ Vulnerability management (read)</br>Security posture \ Posture management \ Exception handling (manage)</br>Security posture \ Posture management \ Remediation handling (manage)</br>Security posture \ Posture management \ Application handling (manage)</br>Security posture \ Posture management \ Security baseline assessment (manage)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Email quarantine (manage)</br>Security operations \ Security data \ Email advanced actions (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)\| +\|Global administrator\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage) </br>Security operations \ Security data \ Response (manage)</br>Security posture \ Posture management \ Secure Score (read) </br> Security posture \ Posture management \ Secure Score (manage)</br>Authorization and settings \ Authorization (Read and manage)</br>Authorization and settings \ Security settings (All permissions)</br>Authorization and settings \ System settings (Read and manage) \|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security operations \ Basic live response (manage)</br>Security operations \ Advanced live response (manage) </br> Security operations \ Security data \ File collection (manage) </br>Security posture \ Posture management \ Vulnerability management (read)</br>Security posture \ Posture management \ Exception handling (manage)</br>Security posture \ Posture management \ Remediation handling (manage)</br>Security posture \ Posture management \ Application handling (manage)</br>Security posture \ Posture management \ Security baseline assessment (manage)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Email quarantine (manage)</br>Security operations \ Security data \ Email advanced actions (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)\| \|Security administrator\|Same as Global administrator\|Same as Global administrator\| -\|Global reader\|Security operations \ Security data \ Security data basics (read)</br>Security posture \ Posture management \ Secure Score (read) </br>\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security posture \ Posture management \ Vulnerability management (read)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Response (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Authorization and settings \ Authorization \ (read) </br></br>_Defender for Office and Defender for Identity only permissions_ </br>Authorization and settings \ Security settings \ (read)</br>Authorization and settings \ System settings \ (read)\| -\|Security reader\|Security operations \ Security data \ Security data basics (read)</br>Security posture \ Posture management \ Secure Score (read) </br>\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security posture \ Posture management \ Vulnerability management (read)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Response (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read) </br></br>_Defender for Office and Defender for Identity only permissions_ </br>Authorization and settings \ Security settings \ (read)</br>Authorization and settings \ System settings \ (read)\| -\|Security operator\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage) </br>Security operations \ Security data \ Response (manage)</br>Security posture \ Posture management \ Secure Score (read)</br>Authorization and settings \ Security settings \ (All permissions)\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_</br>Security operations \ Security data \ Basic live response (manage)</br>Security operations \ Security data \ Advanced live response (manage)</br> Security operations \ Security data \ File collection (manage) </br>Security posture \ Posture management \ Vulnerability management (read)</br>Security posture \ Posture management \ Exception handling (manage)</br>Security posture \ Posture management \ Remediation handling (manage)</br></br>_Defender for Office only permissions_ </br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Authorization and settings \ System settings \ (All permissions)</br></br>_Defender for Identity only permissions_ </br>Authorization and settings \ System settings \ (read)\| +\|Global reader\|Security operations \ Security data \ Security data basics (read)</br>Security posture \ Posture management \ Secure Score (read) </br>\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security posture \ Posture management \ Vulnerability management (read)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Response (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Authorization and settings \ Authorization (read) </br></br>_Defender for Office and Defender for Identity only permissions_ </br>Authorization and settings \ Security settings \ Core security settings (read)</br>Authorization and settings \ System settings (read)\| +\|Security reader\|Security operations \ Security data \ Security data basics (read)</br>Security posture \ Posture management \ Secure Score (read) </br>\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_ </br>Security posture \ Posture management \ Vulnerability management (read)</br></br> _Defender for Office only permissions_ </br> Security operations \ Security data \ Response (manage)</br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read) </br></br>_Defender for Office and Defender for Identity only permissions_ </br>Authorization and settings \ Security settings \ Core security settings (read)</br>Authorization and settings \ System settings (read)\| +\|Security operator\|Security operations \ Security data \ Security data basics (read)</br>Security operations \ Security data \ Alerts (manage) </br>Security operations \ Security data \ Response (manage)</br>Security posture \ Posture management \ Secure Score (read)</br>Authorization and settings \ Security settings (All permissions)\|_Defender for Endpoint and Defender Vulnerability Management permissions only permissions_</br>Security operations \ Security data \ Basic live response (manage)</br>Security operations \ Security data \ Advanced live response (manage)</br> Security operations \ Security data \ File collection (manage) </br>Security posture \ Posture management \ Vulnerability management (read)</br>Security posture \ Posture management \ Exception handling (manage)</br>Security posture \ Posture management \ Remediation handling (manage)</br></br>_Defender for Office only permissions_ </br>Security operations \ Raw data (Email & collaboration) \ Email message headers (read)</br>Authorization and settings \ System settings (Read and manage)</br></br>_Defender for Identity only permissions_ </br>Authorization and settings \ System settings (read)\| \|Exchange Administrator\|Security posture \ Posture management \ Secure Score (read) </br> Security posture \ Posture management \ Secure Score (manage)\|not applicable\| \|SharePoint Administrator\|Security posture \ Posture management \ Secure Score (read) </br> Security posture \ Posture management \ Secure Score (manage)\|not applicable\| \|Service Support Administrator\|Security posture \ Posture management \ Secure Score (read) \|not applicable\|
security	Create Custom Rbac Roles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/create-custom-rbac-roles.md	To access and manage roles and permissions, without being a Global Administrator - Select all permissions - users will be able to create and manage roles and permissions. - Read-only - uses will be able to access and view roles and permissions in a read-only mode. - :::image type="content" source="../../media/defender/m365-defender-rbac-authorization-role.png" alt-text="Screenshot of the Permissions and roles page" lightbox="../../media/defender/m365-defender-rbac-authorization-role.png"::: + :::image type="content" source="../../media/defender/m365-defender-rbac-authorization-role.png" alt-text="Screenshot of the permissions and roles page" lightbox="../../media/defender/m365-defender-rbac-authorization-role.png"::: 8. Select Apply and then Next to assign users and data sources. 9. Select Add assignments and enter the Assignment name.
security	Custom Permissions Details	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/custom-permissions-details.md	Permissions to manages the security and system settings and to create and assign \|Permission name\|Level\|Description\| \|\|\|\| \|Authorization\|Read / Manage\|View or manage device groups, and custom and built-in roles.\| -\|Security settings\|Read / Manage\|View or manage general security settings for the Microsoft 365 Defender portal.\| +\|Core security settings\|Read / Manage\|View or manage core security settings for the Microsoft 365 Defender portal.\| +\|Detection tuning\| Manage \|Manage tasks related to detections in the Microsoft 365 Defender portal including Custom detections, Alerts Tuning and Threat Indicators of compromise.\| \|System settings\|Read / Manage\|View or manage general systems settings for the Microsoft 365 Defender portal.\| > [!NOTE]
security	Whats New In Microsoft Defender Urbac	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new-in-microsoft-defender-urbac.md	Last updated 8/01/2023 This article provides information about new features and important product updates for the latest release of Microsoft 365 Defender Unified role-based access control (RBAC). + ## August 2023 +### Detection tuning and Security settings permissions + +You can now assign a new granular permission called Detection tuning (manage) in Microsoft Defender 365 Unified RBAC. Granting the Detection Tuning (manage) permission allows security operations analysts to create and manage Custom Detection, Alerts Tuning, and Threat Indicators of Compromise rules without granting them the full Security Settings (manage) permission. </br> </br> You can add the new permissions to a custom role by selecting Authorization and settings \ Security settings when creating or updating the role. For more information, see [Create custom roles with Microsoft 365 Defender Unified RBAC](./create-custom-rbac-roles.md). + +The Security settings permission name has been updated to Core security settings. This change has no impact on existing roles and permissions. + ### Microsoft Defender Vulnerability Management permissions are now integrated with Microsoft 365 Defender Unified role-based access control (RBAC) You can now control access and grant granular permissions for Microsoft Defender Vulnerability Management as part of theΓÇ»Microsoft 365 Defender Unified RBAC model. For more information, see [Microsoft Defender 365 Unified role-based access control (RBAC)](../defender/manage-rbac.md). You can add the new permissions to a custom role by selecting them from the Security posture permissions group when creating the role. For more information, see [Create custom roles with Microsoft 365 Defender Unified RBAC](./create-custom-rbac-roles.md). For more information on what's new with other Microsoft Defender security produc - [What's new in Microsoft Defender for Office 365](../office-365-security/defender-for-office-365-whats-new.md) - [What's new in Microsoft Defender for Identity](/defender-for-identity/whats-new) - [What's new in Microsoft Defender for Cloud Apps](/cloud-app-security/release-notes)+++