You're reading from Mastering Microsoft Defender for Office 365 Streamline Office 365 security with expert tips for setup, automation, and advanced threat hunting

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781835468289

Length 426 pages

Edition 1st Edition

Tools

Office 365

Concepts

Cybersecurity

Author (1):

Samuel Soto

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1 – Introduction and Basic Configuration FREE CHAPTER

2. Chapter 1: The Security Wild West

3. Chapter 2: Basic Components of Defender for Office 365

4. Chapter 3: Basic Checks and Balances

5. Chapter 4: Basics of Configuration

6. Part 2 - Day-to-Day Operations

7. Chapter 5: Common Troubleshooting

8. Chapter 6: Message Quarantine Procedures

9. Chapter 7: Strengthening Email Security

10. Chapter 8: Catching What Passed the Initial Controls

11. Chapter 9: Incidents and Security Operations

12. Part 3 – Making the Tool Work for Your Organization

13. Chapter 10: Magnifying the Unseen – Threat Intelligence and Reports

14. Chapter 11: Integration and Artificial Intelligence

15. Chapter 12: User Awareness and Education

16. Index

Why subscribe?

17. Other Books You May Enjoy

AIR

Microsoft Defender for Office 365 is equipped with efficient AIR technology, aimed at streamlining tasks for your security operations team. When alerts are triggered, the team must diligently review and address them. With high volumes of alerts, this can be daunting, which is why automation proves beneficial.

AIR enhances your team’s productivity by triggering automatic investigations for known threats. It proposes appropriate remedial actions, which are subject to your team’s endorsement, enabling a swift reaction to threats. With AIR, your team can concentrate on urgent issues without overlooking critical alerts.

A high-level overview of AIR

Let’s review at a high level how automated investigations work, from what triggers them to what occurs once these are active, as well as the benefits we can gain from them: