Email: helpdesk@telkomuniversity.ac.id

This Portal for internal use only!

All Categories

All Categories

Search

0 Wishlist

Cart

Categories
More Categories Less Categories

iconTicket Service Desk

All Categories

All Categories

Search

0 Wishlist

Cart

Menu
Home/Microsoft/Automated end-user feedback response is now GA

Automated end-user feedback response is now GA

/ 2024-05-23
Automated end-user feedback response is now GA
Microsoft

We are excited to announce that the automated end-user feedback response feature is now GA! The user submission automatic feedback response capability in Microsoft Defender for Office 365 enables organizations to automatically respond to end user submissions of phish based on the verdict from the automated investigation. 

 

This feature saves SecOps time by converting the process of sending manual responses back to end users on reported messages to be automated. This layers additional value to the automated investigation and response (AIR) feature for SecOps teams and also helps encourage end users to contribute to the security posture of the organization by providing acknowledgment and feedback on those user reports of phish automatically. 

 

Configuration 

The ability to automatically respond to end user submissions of phish is configurable and can be turned on from the user reported settings page (Settings > Email & collaboration > User reported settings) and configured to send based on the AIR verdict. 

 

User submission automatic feedback response configuration found in settings > email & collaboration > user reported settings > automatically email users the results of the investigation: 

 

 

 

Phishing or Malware: Selecting this box indicates that the organization would like end users to receive an automatic response email on email submissions of phish when the associated user submission investigation identifies a threat of normal phish, high confidence phish or malware. 

Spam: Selecting this box indicates that the organization would like end users to receive an automatic response email on email submissions of phish when the associated user submission investigation shows the threat of spam. 

No threats found: Selecting this box indicates that the organization would like end users to receive an automatic response email on email submissions of phish when the associated user submission investigation finds no threats. 

 

Response Timing 

The automated end user feedback response is sent at the conclusion of the investigation when the investigation hits a final status. This means investigations in pending approval status must be approved before the response will be sent. 

 

Email Template 

The email that is sent to the end users utilizes the same email template as the organization’s Mark & Notify email template and allows the customization of the email body for the respective threats of Phishing, Junk and No threats found (corresponding to the Phishing or Malware, Spam, and No threats found settings above respectively). Learn more about Mark & Notify on this page: Admin review for reported messages – Office 365 | Microsoft Learn. 

 

User submission automatic feedback response configuration of email message using customize admin review email notification: 

 

 

 

Function 

Once enabled, Microsoft Defender for Office 365 will automatically respond to end user submissions based on the investigation verdict and the configured settings. For example, if an organization has enabled the user feedback response for emails with no threats found, if a user reported a message as phish it would trigger automated investigation and response (AIR) and begin an investigation on the user reported message. If that investigation concludes with no threats found and the organization had enabled the automatic feedback response for no threats found, then the end user who submitted the message would receive an email stating there were no threats found on the submitted message. The message would resemble the below, but the body of the message and footers would contain what the organization has put in for admin review for reported messages for the no threats found option. 

 

Sample user submission automatic feedback response for no threats found: 

 

 

 

 

 

If an organization has enabled the user feedback response for emails with Phishing or Malware, if a user reported a message as phish it would begin an investigation on the user reported message. If that investigation discovers high confidence phish or malware the investigation would be looking for these to be remediated either with the approval of recommend actions, shown as pending actions in the investigation, incident and action center, or remediation through other means such as explorer. Once the high confidence phish or malware threats found in the investigation have been remediated, the investigation would close as “Remediated” or “Partially Remediated” at which point the user submission feedback email would automatically be sent to the user who reported the message. If only a threat of normal phish was identified for a message, the investigation would not produce pending actions however the end user would still receive a response indicating the message was phish. The message would resemble the below, but the body of the message and footers would contain what the organization has put in for admin review for reported messages for the phishing option. 

 

Sample user submission automatic feedback response for high confidence phish or malware: 

 

 

 

 

Note: The response is not sent to end users until any discovered high confidence phish or malware threats are remediated, meaning responses will not be sent when the investigation is pending action. The investigation must reach “Remediated” or “Partially Remediated” status in order for the response to be triggered. 

 

Display 

When users receive an automatic feedback response, this will be reflected in the submission queue as “Marked as” similar to other submissions that may have manually received a response. 

 

User submission automatic feedback response reflected on submissions queue marked as: 

 

Learn More 

To learn more about the automated end user feedback response feature visit Automatic user notifications for user reported phishing results in AIR – Microsoft Defender for Office 365 | Microsoft Learn. 

 

To learn more about submissions and investigations in MDO please visit the following pages: 

Automated investigation and response in Microsoft Defender for Office 365 – Office 365 | Microsoft Learn 
View the results of an automated investigation in Microsoft 365 – Office 365 | Microsoft Learn 
Admin review for reported messages – Office 365 | Microsoft Learn 
How automated investigation and response works in Microsoft Defender for Office 365 – Office 365 | Microsoft Learn 

 

​Microsoft Tech Community – Latest Blogs –Read More 

Tags:

Related posts

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data
2024-11-14

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data

Microsoft introduces new adapted AI models for industry
2024-11-13

Microsoft introduces new adapted AI models for industry

IDC’s 2024 AI opportunity study: Top five AI trends to watch
2024-11-13

IDC’s 2024 AI opportunity study: Top five AI trends to watch

Leave a Reply

Your email address will not be published. Required fields are marked *

Adobe
Google for Education
IBM
Matlab
Microsoft
Wordpress
Visual Paradigm
Opensource

Portal Application Package Repository Telkom University, for internal use only, empower civitas academica in study and research.

Information

Contact Us

Copyright © Telkom University. All Rights Reserved. ch