This guide will show an administrator how to view submissions that end users have reported as being false positive or false negative; additional review will need to be conducted to determine if an allow or block is necessary.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
O365 Security Identify User Submissions
- Navigate to the User Reported Submissions – Microsoft Defender portal, to view the applicable submissions, the start date may need to be altered. Select Filters, followed by entering a Start Date and End Date. Click Apply.
- The submissions will be displayed, along with pertinent information.
- As the administrator, you will be able to view the message and make any troubleshooting decisions dealing with message handling.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.