Change Logs and Release Notes

Share

Is this article helpful?

Last updated:

Defend Change Log

Use this article to stay up-to-date with changes to the Defend console.

See the table below for a list of updates, with the latest updates displayed at the top.

Release Date Description
February 2025
  • February 20, 2025- Phishing test data is now excluded from dashboard statistics, counts, graphs, threat feed, and the Recent Emails page in the Defend console. Admins can also configure event notifications to exclude phishing test alerts to prevent unnecessary notifications.
Release Date Description
August 2024
  • August 12, 2024: New Phish Types. We have introduced new Phish Types and a new Payload, enhancing your ability to focus on specific threats during investigations or to understand and report on the threats facing your organization.
  • Upon next log in to the Defend console, the new filters will be available on the Recent Emails page and reflected in the pie charts on the Dashboard.
  • New Phish Types:
    • Business Email Compromise
    • Phish Test
    • Supply Chain Compromise
    • Supply Chain Impersonation
    • User Impersonation
    • VIP Impersonation
  • New Payload:
    • Malware
  • These additions are designed to improve threat detection and reporting, helping you stay ahead of evolving risks. Please note that you may not see any data initially, as these new filters will not apply to emails that have already been processed by the Defend console. However, they will populate as soon as the Defend console detects these types of phishing.
June 2024
  • June 25, 2024: Abuse Mailbox Automation User Notifications. User notifications can now be configured for the following abuse mailbox triggers:
    • On submission
    • When categorized as dangerous on reanalysis
    • When categorized as benign on reanalysis
    • When categorized as inconclusive on reanalysis
  • These notifications can help to engage users in a feedback loop and help to keep your organization secure by empowering end-users to submit emails.
Note: These notifications will be sent from the specified Abuse Mailbox address on the settings page. To allow the Defend console to send these notifications on behalf of this mailbox, you will need to relink to Microsoft 365 on the Settings page.
May 2024
  • May 14, 2024: Abuse Mailbox Automation Hero Stats and Export. Within the Abuse Mailbox page, new statistics are now displayed:
    • Number of submissions
    • Accuracy of submission
    • Number of reanalyzed emails
  • This data can now be exported to a .csv file.
  • For full details, see the Defend - Abuse Mailbox Automation article.
  • May 1, 2024: Abuse Mailbox Automation Event Notifications. You can now configure notifications for Abuse Mailbox triggers. These are:
    • New submission to Abuse Mailbox email address
    • Abuse Mailbox Reanalysis updated to Dangerous
    • Abuse Mailbox Reanalysis updated to Benign
    • Abuse Mailbox Reanalysis updated to inconclusive
  • For full information, see the Defend - Event Notifications article.
April 2024
  • April 18, 2024: Internal Forwards Banners and Links. When a user in your organization forwards an email internally, Defend banners and rewritten links will no longer be removed. This feature requires a "Defend add Internal Header" mail flow rule in order to retain banners and link rewrites in your tenant.
  • Graymail Statistics and Filter: View a quick overview of the Graymail statistics in the top bar on the Defend Dashboard page. Now, you can also filter for Graymail emails on the Recent Emails page.
  • April 8, 2024: Abuse Mailbox. Enter your abuse mailbox details to allow the Defend console to monitor activity and remediate. View abuse mailbox activity on the Abuse Mailbox page in the Defend console. For full details, see the Defend - Abuse Mailbox Automation article.
  • April 1, 2024: Allow Threat Intelligence to View Emails. Improve operational efficacy and quality of service by allowing the Defend Intelligence team access to email content. This allows effective verification of phishing emails. You can easily enable this on the settings page. For full details, see the Defend - Settings page.
February 2024
  • February 5, 2024:Rewritten Link Hover Appearance. The Defend console rewrites URLs found in inbound emails to your end-users. When a user hovers over these links, users will see @originallink=<full link>. This allows users to see the original link before being rewritten by the Defend console.
  • Graymail Allow List. Allows users to mark Graymail emails as 'Not Graymail' which will result in future emails not having the graymail banner or header applied.
January 2024
  • January 25, 2024: Phishing Simulations to Inbox. The Defend console will never send a phishing test to quarantine. This allows customers or potential customers to run a phishing simulation with Defend banners without the need to configure any custom transport rules.
  • Report "Not Phish" Only on Summary Page. A new setting in the Defend console allows you to display only the Report Not Pish button to end-users on the email summary page.
  • January 24, 202: iOS Banner Update. The Defend console was causing issues with the margins and padding on HTML messages. The padding and margins have been edited to resolve this.
  • January 18, 2024: Link Scanner Downloading Experience. When downloading a file, the spinner on the download page was constant and surpassed download completion. This has now been resolved.
  • Deny List Button. An Add to Deny list button has been added to the Recent Emails page when opening the Email Details right-hand panel.
  • January 15, 2024: Remediation Failure Notification. If a remediation task fails, a notification message will now be displayed.
  • January 11, 2024: Consistent Tab Location. When the email details right-hand panel is open and a different email is selected, the right-hand panel will remain on the same tab.
  • Automatic Investigation Status Change. When an email is successfully remediated, the investigation status will be changed to Completed - Phish.
Release Date Description
December 2023
  • December 18, 2023: Supply Chain Pie Chart Filter. Supply Chain Health Pie Chart filter now includes an option to include all emails.
  • Email Display Name. The display name of the email sender is now shown in the Email Details - Basics Tab.
  • December 15, 2023: Remediate Similar. Admins can now select different email components to find similar emails based on a confidence level. Once selected, emails can then be remediated at once.
November 2023
  • November 22, 2023: Graymail Management. Admins can now select emails flagged as graymail to have a graymail banner added and/or sent to a Graymail folder. This helps reduce the noise in users' inboxes and improve overall productivity.
October 2023
  • October 6, 2023: KnowBe4 Phish Alert Button Integration. This integration with KnowBe4 Phish Alert Button helps you to streamline admin and user workflows.
July 2023
  • July 25, 2023: Adaptive Security. Admins can now enable Adaptive Security, which adjusts security settings for end-users based on the user's individual risk score.

Was this article helpful?

9 out of 9 found this helpful

Can't find what you're looking for?

Contact Support