You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/try-microsoft-defender-for-office-365.md
+10-4Lines changed: 10 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ ms.collection:
18
18
ms.custom:
19
19
ms.service: defender-office-365
20
20
ROBOTS:
21
-
ms.date: 01/29/2025
21
+
ms.date: 04/18/2025
22
22
---
23
23
24
24
# Try Microsoft Defender for Office 365
@@ -27,7 +27,7 @@ As an existing Microsoft 365 customer, the **Trials** and **Evaluation** pages i
27
27
28
28
Before you try Defender for Office 365 Plan 2, there are some key questions that you need to ask yourself:
29
29
30
-
- Do I want to passively observe what Defender for Office 365 Plan 2 can do for me (*audit*), or do I want Defender for Office 365 Plan 2 to take direct action on issues that it finds (*block*)?
30
+
- Do I want to passively observe what Defender for Office 365 Plan 2 can do for me (_audit_), or do I want Defender for Office 365 Plan 2 to take direct action on issues that it finds (_block_)?
31
31
- Either way, how can I tell what Defender for Office 365 Plan 2 is doing for me?
32
32
- How long do I have before I need to make the decision to keep Defender for Office 365 Plan 2?
33
33
@@ -78,7 +78,13 @@ The default policies for these EOP features are always on, apply to all recipien
78
78
79
79
Do you want your Defender for Office 365 experience to be active or passive? The following modes are available:
80
80
81
-
-**Audit mode**: Special _evaluation policies_ are created for anti-phishing (which includes impersonation protection), Safe Attachments, and Safe Links. These evaluation policies are configured to _detect_ threats only. Defender for Office 365 detects harmful messages for reporting, but the messages aren't acted upon (for example, detected messages aren't quarantined). The settings of these evaluation policies are described in the [Policies in audit mode](#policies-in-audit-mode) section later in this article. We also automatically turn on SafeLinks time of click protection in audit mode for non-email workloads (for example, Microsoft Teams, SharePoint, and OneDrive for Business)
81
+
-**Audit mode**: Special _evaluation policies_ are created for anti-phishing (which includes impersonation protection), Safe Attachments, and Safe Links. These evaluation policies are configured to _detect_ threats only. Defender for Office 365 detects harmful messages for reporting, but the messages aren't acted upon (for example, detected messages aren't quarantined). The settings of these evaluation policies are described in the [Policies in audit mode](#policies-in-audit-mode) section later in this article.
82
+
83
+
> [!NOTE]
84
+
> The following protection features **take action** by default in audit mode:
85
+
>
86
+
> - Safe Links time of click protection in non-email workloads (for example, Microsoft Teams, SharePoint, and OneDrive).
87
+
> -[Zero-hour auto purge (ZAP) in Microsoft Teams](zero-hour-auto-purge.md#zero-hour-auto-purge-zap-in-microsoft-teams).
82
88
83
89
You can also selectively turn on or turn off anti-phishing protection (spoofing and impersonation), Safe Links protection, and Safe Attachments protection. For instructions, see [Manage evaluation settings](#manage-evaluation-settings).
84
90
@@ -476,7 +482,7 @@ A: See [Order of precedence for preset security policies and other policies](pre
476
482
To see these policies and their settings, run the following command in [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell):
0 commit comments