Microsoft is working on providing Office 365 Advanced Threat Protection (ATP) users with more information on the route incoming emails take while going through the filtering stack before reaching their inbox, as well as on the effectiveness of any configuration changes.
Additional improvements to the Office 365 ATP Threat Protection Status Report will also provide them with further info on the impact their configuration changes have on their account's overall security state.
Microsoft wants to roll out these Office 365 updates during next month and to make them generally available to all Office 365 environments, for customers with an Advanced Threat Protection plan.
Enhancements to mail-flow and Threat Protection status reports
Microsoft will add "a report that will show the time it takes for messages to traverse the full filtering stack, including detonations," according to a new Microsoft 365 roadmap entry.
"We're working on a way for you to see how much mail was caught by various layers of our filtering stack," Microsoft adds. "This report will allow customers to see how messages pass through the different layers of protection that we offer."
Last but not least, incoming Threat Protection Status Report enhancements will "help educate customers about the effect their configurations have on their security posture."
This will be accomplished by including an Override Allows view to the report which will enable customers to get an overview of threats that were allowed through the email filtering stack due to changes they made.
The security configuration tweaks survey will make it possible to assess the effect of any configuration adjustments and address any accidental gaps in their protection.
More incoming Office 365 updates
Microsoft is also planning to improve the Office 365 Message Encryption (OME) service to decrease the possibility that emails with one-time passcodes (OTPs) required to read encrypted messages are labeled as spam by mail servers.
Office 365 ATP users will get more details on malicious URLs and malware samples discovered following detonation through the filtering stack.
Attack flow overviews of malware attacks should roll out this month to improve the Campaign Views feature available in public preview since December 2019 with support for phishing campaigns.
Office 365 will try to stop enterprise data theft via email forwarding by toggling off email forwarding to external recipients by default beginning with the fourth quarter of 2020.
Redmond will also add automated malicious content blocking in Office 365 during Q2 2020 regardless of admin or user custom configurations unless manually overridden.
Source: Paper.li