Admins can see policy what-if insights for the bulk complaint level (BCL)

September 2024 Update

• With one click, SecOps personnel can take a quarantine release action directly from Explorer (Threat Explorer) or the Email entity page (no need to go to the Quarantine page in the Defender portal). For more information, see Remediate malicious email delivered in Office 365.
• Use the built-in Report button in Outlook: The built-in Report button in Outlook for Mac v16.89 (24090815) or later now supports the user reported settings experience to report messages as Phishing, Junk, and Not Junk.
• We're updating the end user experience for allow and block list management of their email messages. With one click, users can block email from unwanted senders and prevent those messages from appearing in their default quarantine view and in quarantine notifications. Users can also allow email from trusted and prevent future messages from those senders from being quarantined (if there are no admin overrides). Users also have visibility into any admin overrides that led to a quarantined email message. For more information, see View quarantined email.
• Admins can see policy what-if insights for the bulk complaint level (BCL) threshold, spoof, and impersonation settings, which lets them understand the implication of a setting change based on historical data. This capability lets admins confidently tune their settings without anxiety about possible repurcussions on users.