You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/microsoft-defender-endpoint-mac.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -79,7 +79,7 @@ These three most recent major releases of macOS are supported.
79
79
- Beta versions of macOS aren't supported.
80
80
81
81
> [!IMPORTANT]
82
-
> On macOS 11 (Large Sur) and later, Microsoft Defender for Endpoint requires more configuration profiles. If you're an existing customer upgrading from earlier versions of macOS, make sure to deploy the extra configuration profiles listed on [New configuration profiles for macOS Big Sur and newer versions of macOS](mac-sysext-policies.md) and detailed in [installation instructions](#installation-instructions).
82
+
> On macOS 11 (Big Sur) and later, Microsoft Defender for Endpoint requires more configuration profiles. If you're an existing customer upgrading from earlier versions of macOS, make sure to deploy the extra configuration profiles listed on [New configuration profiles for macOS Big Sur and newer versions of macOS](mac-sysext-policies.md) and detailed in [installation instructions](#installation-instructions).
83
83
84
84
After you've enabled the service, you might need to configure your network or firewall to allow outbound connections between it and your endpoints.
Copy file name to clipboardExpand all lines: defender-office-365/threat-explorer-real-time-detections-about.md
+7-4Lines changed: 7 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,7 +7,7 @@ author: chrisda
7
7
manager: deniseb
8
8
audience: ITPro
9
9
ms.topic: conceptual
10
-
ms.date: 01/15/2025
10
+
ms.date: 02/18/2025
11
11
ms.localizationpriority: medium
12
12
ms.collection:
13
13
- m365-security
@@ -104,6 +104,9 @@ Threat Explorer and Real-time detections contain the following elements:
104
104
|**URL clicks**|✔||Information about user clicks on URLs in email messages, Teams messages, SharePoint files, and OneDrive files.|
105
105
106
106
These views are described in detail in this article, including the differences between Threat Explorer and Real-time detections.
107
+
108
+
> [!TIP]
109
+
> Real-time detections shows the malicious email detections at the time of delivery only. Threat Explorer shows all email detections at the time of delivery along with post-delivery activities.
107
110
108
111
-**Date/time filters**: By default, the view is filtered by yesterday and today. To change the date filter, select the date range, and then select **Start Date** and **End date** values up to 30 days ago.
109
112
@@ -176,7 +179,7 @@ The filterable properties that are available in the **Delivery action** box in t
176
179
|Exchange transport rule|Text. Separate multiple values by commas.|
177
180
|Data loss prevention rule|Text. Separate multiple values by commas.|
178
181
|Context|Select one or more values: <ul><li>**Evaluation**</li><li>**Priority account protection**</li></ul>|
179
-
|Connector|Text. Separate multiple values by commas.|
182
+
|Connector|Text (connector name). Separate multiple values by commas.|
180
183
|Delivery action|Select one or more values: <ul><li>**Blocked**: Email messages that were quarantined, that failed delivery, or were dropped.</li><li>**Delivered**: Email delivered to the user's Inbox or other folder where the user can access the message.</li><li>**Delivered to junk**: Email delivered to the user's Junk Email folder or Deleted Items folder where the user can access the message.</li><li>**Replaced**: Message attachments that were replaced by [Dynamic Delivery in Safe Attachments policies](safe-attachments-about.md#dynamic-delivery-in-safe-attachments-policies).</li></ul>|
181
184
|Additional action|Select one or more values: <ul><li>**Automated remediation**</li><li>**Dynamic Delivery**: For more information, see [Dynamic Delivery in Safe Attachments policies](safe-attachments-about.md#dynamic-delivery-in-safe-attachments-policies).</li><li>**Manual remediation**</li><li>**None**</li><li>**Quarantine release**</li><li>**Reprocessed**: The message was retroactively identified as good.</li><li>**ZAP**: For more information, see [Zero-hour auto purge (ZAP) in Microsoft Defender for Office 365](zero-hour-auto-purge.md).</li></ul>|
182
185
|Directionality|Select one or more values: <ul><li>**Inbound**</li><li>**Intra-org**</li><li>**Outbound**</li></ul>|
@@ -633,7 +636,7 @@ The filterable properties that are available in the **Sender address** box in th
633
636
|Exchange transport rule|Text. Separate multiple values by commas.|✔||
634
637
|Data loss prevention rule|Text. Separate multiple values by commas.|✔||
635
638
|Context|Select one or more values: <ul><li>**Evaluation**</li><li>**Priority account protection**</li></ul>|✔||
636
-
|Connector|Text. Separate multiple values by commas.|✔||
639
+
|Connector|Text (connector name). Separate multiple values by commas.|✔||
637
640
|Delivery action|Select one or more values: <ul><li>**Blocked**</li><li>**Delivered**</li><li>**Delivered to junk**</li><li>**Replaced**: Message attachments that were replaced by [Dynamic Delivery in Safe Attachments policies](safe-attachments-about.md#dynamic-delivery-in-safe-attachments-policies).</li></ul>|✔|✔|
638
641
|Additional action|Select one or more values: <ul><li>**Automated remediation**</li><li>**Dynamic Delivery**: For more information, see [Dynamic Delivery in Safe Attachments policies](safe-attachments-about.md#dynamic-delivery-in-safe-attachments-policies).</li><li>**Manual remediation**</li><li>**None**</li><li>**Quarantine release**</li><li>**Reprocessed**</li><li>**ZAP**: For more information, see [Zero-hour auto purge (ZAP) in Microsoft Defender for Office 365](zero-hour-auto-purge.md).</li></ul>|✔|✔|
639
642
|Directionality|Select one or more values: <ul><li>**Inbound**</li><li>**Intra-org**</li><li>**Outbound**</li></ul>|✔|✔|
@@ -906,7 +909,7 @@ The filterable properties that are available in the **Sender address** box in th
906
909
|Exchange transport rule|Text. Separate multiple values by commas.|✔||
907
910
|Data loss prevention rule|Text. Separate multiple values by commas.|✔||
908
911
|Context|Select one or more values: <ul><li>**Evaluation**</li><li>**Priority account protection**</li></ul>|✔||
909
-
|Connector|Text. Separate multiple values by commas.|✔||
912
+
|Connector|Text (connector name). Separate multiple values by commas.|✔||
910
913
|Delivery action|Select one or more values: <ul><li>**Blocked**</li><li>**Delivered**</li><li>**Delivered to junk**</li><li>**Replaced**: Message attachments that were replaced by [Dynamic Delivery in Safe Attachments policies](safe-attachments-about.md#dynamic-delivery-in-safe-attachments-policies).</li></ul>|✔|✔|
911
914
|Additional action|Select one or more values: <ul><li>**Automated remediation**</li><li>**Dynamic Delivery**</li><li>**Manual remediation**</li><li>**None**</li><li>**Quarantine release**</li><li>**Reprocessed**</li><li>**ZAP**</li></ul>|✔|✔|
912
915
|Directionality|Select one or more values: <ul><li>**Inbound**</li><li>**Intra-org**</li><li>**Outbound**</li></ul>|✔|✔|
0 commit comments