Microsoft Defender's Threat Explorer is updated to become a hub for direct cyber protection actions

Microsoft will be updating its Defender app to become more versatile for users. After announcing that it will flag the AIR fixes as automated actions approved by SecOps, the Redmond-based tech giant says it will update Threat Explorer within the platform to become a hub for direct cyber protection actions.

In other words, Microsoft Defender’s Threat Explorer will allow SecOps to perform a variety of actions, from submissions, and purging emails, to blocking Tenant-wide messages.

According to the latest entry to the Microsoft 365 Roadmap, the Redmond-based tech giant will also make Tenant-level block URL and File actions available on this page, later in April.

SecOps can take multiple actions such as purging emails, submissions, and Tenant-level block actions through a single wizard on the bulk of messages. In addition, Tenant-level block URL and File actions are now available directly from Threat explorer.

Microsoft

The change will allow SecOps to take action against cyberthreats faster, and more efficiently, ensuring the companies are responding quickly in such situations, where time is important.

The change is welcomed, considering Defender is also updated to allow administrators or security operators to see results and responses to the submissions they made in the platform much sooner.

This means security experts will have a clearer picture of what’s happening inside an organization by just opening up Microsoft Defender, allowing them to take action when needed.

Microsoft Defender will update its Threat Explorer this month, and it’s expected to be completed by the end of April. All the web versions of the app are impacted, and customers everywhere will have access to the new and enhanced Threat Explorer.