You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/reports-mdo-email-collaboration-dashboard.md
+13-17Lines changed: 13 additions & 17 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,7 +18,7 @@ ms.collection:
18
18
description: Admins can learn about the information on the Microsoft Defender for Office 365 Overview dashboard in the Microsoft Defender portal.
19
19
ms.custom:
20
20
ms.service: defender-office-365
21
-
ms.date: 6/27/2025
21
+
ms.date: 07/14/2025
22
22
appliesto:
23
23
- ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -38,7 +38,7 @@ The information on the **Overview** page is organized into the following areas:
38
38
39
39
For the permissions required to view the dashboard and reports, see [What permissions are needed to view these reports?](reports-email-security.md#what-permissions-are-needed-to-view-these-reports).
40
40
41
-
By default, the data on the page is shown for the last 30 days. But, you can show data for the last 60 days or the last 90 days by selecting the **Last 30 days** drop down at the top of the page.
41
+
By default, the data on the page is shown for the last 30 days.
42
42
43
43
:::image type="content" source="media/email-collab-overview.png" alt-text="Screenshot of the Email and collaboration overview report page in the Microsoft Defender portal." lightbox="media/email-collab-overview.png":::
44
44
@@ -56,13 +56,13 @@ The graph on the **Phish / Malware Efficacy** card visually represents the prote
56
56
57
57
-**Pre-delivery**: Items detected before they reach the recipient's mailbox.
58
58
-**Post-delivery**: Items removed after the item was delivered to the recipient's mailbox via [zero-hour auto purge (ZAP)](zero-hour-auto-purge.md).
59
-
-**Uncaught**: Delivered items that ZAP identified but couldn't remove. For example:
59
+
-**Uncaught**: Delivered items that ZAP identified but didn't remove due to them already being remediated. For example:
60
60
- Admin deletions or remediations.
61
61
-[Admin submissions](submissions-admin.md) to Microsoft identifying the message as malware or phishing.
62
62
- User deletions.
63
63
- Non-Microsoft security provider deletions.
64
64
65
-
The percentage value is the number of messages in each category divided by the total number of malicious malware and phishing email during the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
65
+
The percentage value is the number of messages in each category divided by the total number of malicious malware and phishing email during the review period selected.
66
66
67
67
Hover over a category in the chart to see the number of messages in each category for the review period. Hover over the percentage to see the total number of messages
68
68
@@ -80,7 +80,7 @@ Hover over a category in the chart to see the number of messages in each categor
The graph on the **Threat detections** card shows the number of messages detected by the following technologies during the review period you selected at the top of the page (30 days (default), 60 days, or 90 days):
83
+
The graph on the **Threat detections** card shows the number of messages detected by the following technologies during the review period selected.
84
84
85
85
-**Malware**: The breakdown of detection technologies is available in the **Threat protection status** report under [View data by Email \> Malware and Chart breakdown by Detection Technology](reports-email-security.md#view-data-by-email--malware-and-chart-breakdown-by-detection-technology).
86
86
@@ -131,12 +131,8 @@ Hover over a category in the chart to see the number of **Onboarded** priority a
131
131
132
132
The graph on the **Policy recommendations** card shows the number of users directly protected by [Safe Links](safe-links-about.md) and [Safe Attachments](safe-attachments-about.md) policies as a percentage of the total number of users (the value 100% means everyone is protected). The numbers are taken from whether the following recommended actions in [Microsoft Secure Score](/defender-xdr/microsoft-secure-score) have the **Status** value `Completed`:
133
133
134
-
- <u>Safe Links</u>:
135
-
-**Ensure Safe Links for Office applications is enabled**
136
-
-**Create Safe Links policies for email messages**
137
-
- <u>Safe Attachments</u>:
138
-
-**Turn on Safe Attachments in block mode**
139
-
-**Ensure Safe Attachments policy is enabled**
134
+
- <u>Safe Links</u>: **Create Safe Links policies for email messages**
135
+
- <u>Safe Attachments</u>: **Ensure Safe Attachments policy is enabled**
140
136
141
137
Hover over a category in the chart to see the number of **Impacted users** (the total number of users in the organization) and **Protected users** (users protected by Safe Links or Safe Attachment policies as defined by the recommended actions in Microsoft Secure Score).
142
138
@@ -173,7 +169,7 @@ The **Tenant allow types** card shows a table with the types of allow entries in
-**Messages allowed** column: The number of messages allowed for the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
172
+
-**Messages allowed** column: The number of messages allowed for the review period selected.
177
173
178
174
:::image type="content" source="media/email-collab-overview-risky-allows-tenant-allow-types.png" alt-text="Screenshot of the Tenant allow types card in the Risky allows section of the Email & collaboration overview report page." lightbox="media/email-collab-overview-risky-allows-tenant-allow-types.png":::
179
175
@@ -184,7 +180,7 @@ The **Tenant allow types** card shows a table with the types of allow entries in
184
180
The **Exchange transport rules** card shows the mail flow rules (also known as transport rules) that allowed messages that would otherwise be blocked:
185
181
186
182
-**Rule ID**
187
-
-**Messages allowed**: The number of messages allowed during the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
183
+
-**Messages allowed**: The number of messages allowed during the review period selected.
188
184
189
185
Select **Review rules** to go to the **Rules** page in the Exchange admin center (EAC) at <https://admin.cloud.microsoft/exchange#/transportrules>.
190
186
@@ -205,7 +201,7 @@ The graph on the **Email detections** shows Microsoft and non-Microsoft detectio
Hover over a category in the chart to see the number of messages in each category for the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
204
+
Hover over a category in the chart to see the number of messages in each category for the review period selected.
209
205
210
206
:::image type="content" source="media/email-collab-overview-compare-solutions-email-detections.png" alt-text="Screenshot of the Email detections card in the Compare solutions section of the Email & collaboration overview report page." lightbox="media/email-collab-overview-compare-solutions-email-detections.png":::
211
207
@@ -220,7 +216,7 @@ The graphs on the **Non-Microsoft detections** show the following information fo
220
216
-**Phish**
221
217
-**Spam**
222
218
223
-
Hover over a category in the chart to see the number of messages in each category for the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
219
+
Hover over a category in the chart to see the number of messages in each category for the review selected.
224
220
225
221
-**Efficacy** graph: Shows the unique detections by the non-Microsoft service as a percentage of the total detections by Defender for Office 365.
226
222
@@ -232,7 +228,7 @@ The information in the **Insights** section is described in the following subsec
232
228
233
229
### Top trending attacks card
234
230
235
-
The graph on the **Top trending attacks** card shows the most encountered phishing attack types by volume for the review period you selected at the top of the page (30 days (default), 60 days, or 90 days).
231
+
The graph on the **Top trending attacks** card shows the most encountered phishing attack types by volume for the review period selected.
236
232
237
233
Threat classification in Defender for Office 365 uses advanced technologies such as large language models (LLMs), small language models (SLMs), and machine learning (ML) models to automatically detect and classify email-based threats.
238
234
@@ -248,7 +244,7 @@ The **Emerging threats** card shows any notable campaigns observed by Microsoft
The graph on the **Microsoft 365 Secure Email Gateway performance** card compares the effectiveness of Defender for Office 365 against other secure email gateways. To ensure fairness, the number of missed messages is normalized per 1,000 active users.
247
+
The graph on the **Microsoft 365 Secure Email Gateway performance** card compares the effectiveness of Defender for Office 365 against other secure email gateways. To ensure fairness, the number of missed phish and malware messages is normalized per 1,000 active users.
252
248
253
249
:::image type="content" source="media/email-collab-overview-insights-m365-secure-email-gateway.png" alt-text="Screenshot of the Microsoft 365 Secure Email Gateway performance card in the Insights section of the Email & collaboration overview report page." lightbox="media/email-collab-overview-insights-m365-secure-email-gateway.png":::
0 commit comments