Not a user yet?
Log in Register for free Suggest a product
Update

(Preview) In advanced hunting, you can now view all your user-defined rules

Defender XDRDefender XDR
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

May 2025

  • (Preview) In advanced hunting, you can now view all your user-defined rules—both custom detection rules and analytics rules—in the Detection rules page. This feature also brings the following improvements:
  1. You can now filter for every column (in addition to Frequency and Organizational scope).
  2. For multiworkspace organizations that have onboarded multiple workspaces to Microsoft Defender, you can now view the Workspace ID column and filter by workspace.
  3. You can now view the details pane even for analytics rules.
  4. You can now perform the following actions on analytics rules: Turn on/off, Delete, Edit.
  • (Preview) You can now highlight your security operations achievements and the impact of Microsoft Defender using the unified security summary. The unified security summary is available in the Microsoft Defender portal and streamlines the process for SOC teams to generate security reports, saving time usually spent on collecting data from various sources and creating reports. For more information, see Visualize security impact with the unified security summary.
  • Defender portal users who have onboarded Microsoft Sentinel and have enabled the User and Entity Behavior Analytics (UEBA) can now take advantage of the new unified IdentityInfo table in advanced hunting. This latest version now includes the largest possible set of fields common to both Defender and Azure portals.
  • (Preview) The following advanced hunting schema tables are now available for preview to help you look through Microsoft Teams events and related information:
  1. The MessageEvents table contains details about messages sent and received within your organization at the time of delivery
  2. - The MessagePostDeliveryEvents table contains information about security events that occurred after the delivery of a Microsoft Teams message in your organization
  3. The MessageUrlInfo table contains information about URLs sent through Microsoft Teams messages in your organization
Version: May 2025 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft Defender XDR updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Banner Logitech