Threat Explorer

  • This topic is empty.
  • Post
    • December 12, 2024 at 9:58 pm
    Weekend Wiki
    Keymaster

    2. Threat Explorer

    Purpose: Investigate and respond to threats post-delivery.

    Steps to Use Threat Explorer

    1. In the Microsoft 365 Defender Portal, go to Threat Management > Explorer (or Real-time detections).
    2. Use Threat Explorer to:
      • Search for suspicious emails or users by subject, sender, or recipient.
      • Investigate malicious files or URLs.
      • Analyze email headers and delivery paths.
    3. Post-Delivery Actions:
      • Use the Action button to:
        • Delete emails from mailboxes.
        • Quarantine messages.
        • Report phishing attempts for analysis.
    4. Automate investigation workflows using the Automated Investigation and Response (AIR) feature.

     

    For consulting, email us at [email protected] / [email protected]

  • You must be logged in to reply to this topic.
en_USEnglish
arArabic en_USEnglish