Microsoft Defender will allow SOC teams and admins to refine the threat detection process
The enhancement is coming to Defender in July.
2 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Microsoft has unveiled a new feature to improve the accuracy of its threat detection services. As announced in a recent entry to the Microsoft 365 Roadmap, the Security Operations Center (SOC) teams and administrators can now provide feedback on threat analysis responses directly within the Submission experience.
With this update, SOC teams and admins can actively participate in refining Microsoft’s threat evaluation processes. If they disagree with the submission analysis—whether a false negative (a threat missed and marked safe) or a false positive (a safe item flagged as a threat)—they can now flag their disagreement and submit detailed feedback.
By enabling direct feedback, Microsoft aims to improve its algorithms and threat detection accuracy continuously, ensuring a safer digital environment for all users.
Here’s what the entry says:
We are enabling the ability for SOC and admins to disagree with submission responses within the Submission experience and provide feedback to Microsoft on false negatives and false positives.
This capability allows SOC teams and admins to address discrepancies in threat assessments, ensuring quicker resolution of potential security concerns.
However, it will only be released in July, so there will be enough time for SOC teams and admins to be aware of it.
In similar news, the Defender platform will be enhanced with three new Advanced Hunting Tables that will greatly improve security in Teams.
User forum
0 messages