EOP

Author: chrisda

.openpublishing.redirection.defender-office-365.json

@@ -59,6 +59,11 @@
       "source_path": "defender-office-365/step-by-step-guides/deploy-and-configure-the-report-message-add-in.md",
       "redirect_url": "/defender-office-365/submissions-outlook-report-messages",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-office-365/tenant-wide-setup-for-increased-security.md",
+      "redirect_url": "/security/zero-trust/zero-trust-identity-device-access-policies-overview",
+      "redirect_document_id": false
     }
   ]
 }

defender-office-365/TOC.yml

@@ -6,7 +6,7 @@
      items:
        - name: Microsoft Defender for Office 365 overview
          href: mdo-about.md
-       - name: Exchange Online Protection overview
+       - name: Overview of default email protections for cloud mailboxes
          href: eop-about.md
        - name: What's new in Defender for Office 365
          href: defender-for-office-365-whats-new.md
@@ -23,7 +23,7 @@
        href: secure-by-default.md
      - name: Zero Trust for Defender for Office 365
        href: zero-trust-with-microsoft-365-defender-office-365.md
-     - name: Mail flow in EOP
+     - name: Mail flow in cloud organizations
        href: mail-flow-about.md
      - name: Defender for Office 365 in Microsoft Teams
        href: mdo-support-teams-about.md
@@ -57,11 +57,11 @@
          href: email-authentication-dmarc-configure.md
        - name: Configure trusted ARC sealers
          href: email-authentication-arc-configure.md
-     - name: Step 2 - Configure protection policies
+     - name: Step 2 - Configure threat policies
        items:
        - name: Preset security policies
          href: preset-security-policies.md
-       - name: Recommended settings for configuring EOP and Defender for Office 365 Security
+       - name: Recommended email and collaboration threat policy settings for cloud organizations
          href: recommended-settings-for-eop-and-office365.md
      - name: Step 3 - Assign permissions
        items:
@@ -127,15 +127,15 @@
          href: priority-accounts-security-recommendations.md
        - name: Usage card in Defender for Office 365
          href: mdo-usage-card-about.md
-       - name: Protection policies
+       - name: Threat policies
          items:
          - name: Preset security policies
            href: preset-security-policies.md
-         - name: Recommended settings for configuring EOP and Defender for Office 365 Security
+         - name: Recommended email and collaboration threat policy settings for cloud organizations
            href: recommended-settings-for-eop-and-office365.md
-         - name: Configuration analyzer for protection policies
+         - name: Configuration analyzer for threat policies
            href: configuration-analyzer-for-security-policies.md
-         - name: Anti-malware in EOP
+         - name: Anti-malware in cloud organizations
            items:
            - name: Anti-malware protection
              href: anti-malware-protection-about.md
@@ -147,7 +147,7 @@
              href: zero-hour-auto-purge.md
            - name: Virus detection in SharePoint
              href: anti-malware-protection-for-spo-odfb-teams-about.md
-         - name: Anti-spam in EOP
+         - name: Anti-spam in cloud organizations
            items:
            - name: Anti-spam protection
              href: anti-spam-protection-about.md
@@ -162,32 +162,32 @@
            - name: Bulk complaint level (BCL)
              href: anti-spam-bulk-complaint-level-bcl-about.md
            - name: Bulk senders insight
-             href: anti-spam-bulk-senders-insight.md
-           - name: Backscatter in EOP
+             href: anti-spam-bulk-senders
+           - name: Backscatter messages cloud organizations
              href: anti-spam-backscatter-about.md
            - name: Configure junk email settings on Exchange Online mailboxes
              href: configure-junk-email-settings-on-exo-mailboxes.md
            - name: Anti-spam protection FAQ
              href: anti-spam-protection-faq.yml
            - name: Zero-hour auto purge (ZAP)
              href: zero-hour-auto-purge.md
-           - name: Configure EOP to deliver spam to Junk Email folders in on-premises Exchange
+           - name: Configure Microsoft 365 to deliver spam to Junk Email folders in on-premises Exchange
              href: /exchange/standalone-eop/configure-eop-spam-protection-hybrid
-         - name: Anti-phishing in EOP and Defender for Office 365
+         - name: Anti-phishing for all cloud mailboxes and Defender for Office 365
            items:
            - name: Anti-phishing protection
              href: anti-phishing-protection-about.md
            - name: Anti-phishing policies
              href: anti-phishing-policies-about.md
-           - name: Configure anti-phishing policies in EOP
+           - name: Configure anti-phishing policies for all cloud mailboxes
              href: anti-phishing-policies-eop-configure.md
            - name: Configure anti-phishing policies in Defender for Office 365
              href: anti-phishing-policies-mdo-configure.md
            - name: Anti-spoofing protection
              href: anti-phishing-protection-spoofing-about.md
            - name: Anti-spoofing protection FAQ
              href: anti-phishing-protection-spoofing-faq.yml
-           - name: How EOP validates the From address
+           - name: How Microsoft 365 validates the From address
              href: anti-phishing-from-email-address-validation.md
            - name: Tune anti-phishing protection
              href: anti-phishing-protection-tuning.md
@@ -211,7 +211,7 @@
              href: safe-links-about.md
            - name: Set up Safe Links policies in Defender for Office 365
              href: safe-links-policies-configure.md
-         - name: Outbound spam protection in EOP
+         - name: Outbound spam protection in cloud organizations
            items:
            - name: Outbound spam protection
              href: outbound-spam-protection-about.md
@@ -223,7 +223,7 @@
              href: outbound-spam-high-risk-delivery-pool-about.md
            - name: Restore restricted users
              href: outbound-spam-restore-restricted-users.md
-         - name: Connection filtering in EOP
+         - name: Connection filtering in cloud organizations
            items:
            - name: Configure the connection filtering policy
              href: connection-filter-policies-configure.md
@@ -473,7 +473,7 @@
               href: air-auto-remediation.md
          - name: Detect and address compromised user accounts in AIR
            href: address-compromised-users-quickly.md
-         - name: Integrate AIR with a custom solution or third-party solution
+         - name: Integrate AIR with a custom solution or non-Microsoft solution
            href: air-custom-reporting.md
          - name: Email analysis in investigations
            href: email-analysis-investigations.md
@@ -558,7 +558,7 @@
           href: step-by-step-guides/how-to-run-attack-simulations-for-your-team.md
         - name: How to setup automated attacks and training within Attack simulation training
           href: step-by-step-guides/how-to-setup-attack-simulation-training-for-automated-attacks-and-training.md
-        - name: Optimize and correct security policies with configuration analyzer
+        - name: Optimize and correct threat policies with configuration analyzer
           href: step-by-step-guides/optimize-and-correct-security-policies-with-configuration-analyzer.md
         - name: Protect your c-suite with priority account protection
           href: step-by-step-guides/protect-your-c-suite-with-priority-account-protection.md

defender-office-365/address-compromised-users-quickly.md

@@ -17,7 +17,7 @@ ms.date: 06/09/2023
 description: Learn how to speed up the process of detecting and addressing compromised user accounts with automated investigation and response capabilities in Microsoft Defender for Office 365 Plan 2.
 ms.service: defender-office-365
 appliesto:
-  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections in Microsoft 365</a>
+  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections for cloud mailboxes</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
   - ✅ <a href="https://learn.microsoft.com/defender-xdr/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>
 ---

defender-office-365/advanced-delivery-policy-configure.md

@@ -18,7 +18,7 @@ description: Admins can learn how to use the advanced delivery policy in Microso
 ms.service: defender-office-365
 ms.date: 07/02/2025
 appliesto:
-  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections in Microsoft 365</a>
+  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections for cloud mailboxes</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
   - ✅ <a href="https://learn.microsoft.com/defender-xdr/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>
 ---
@@ -115,6 +115,8 @@ Back on the **SecOps mailbox** tab, the SecOps mailbox entries that you configur
 
 Back on the **SecOps mailbox** tab, the SecOps mailbox entries that you configured are displayed. If you removed all entries, the list is empty.
 
+<a name='powershell-procedures-for-third-party-phishing-simulations-in-the-advanced-delivery-policy'></a>
+
 ## Use the Microsoft Defender portal to configure non-Microsoft phishing simulations in the advanced delivery policy
 
 To configure a non-Microsoft phishing simulation, you need to provide the following information:
@@ -209,6 +211,8 @@ Back on the **Phishing simulation** tab, the non-Microsoft phishing simulation e
 - The **Date** column shows when the entry was created.
 - To change the list of entries from normal to compact spacing, select :::image type="icon" source="media/m365-cc-sc-standard-icon.png" border="false"::: **Change list spacing to compact or normal**, and then select :::image type="icon" source="media/m365-cc-sc-compact-icon.png" border="false"::: **Compact list**.
 
+<a name='use-the-microsoft-defender-portal-to-modify-or-remove-third-party-phishing-simulations-in-the-advanced-delivery-policy'></a>
+
 ## Use the Microsoft Defender portal to modify or remove non-Microsoft phishing simulations in the advanced delivery policy
 
 1. In the Microsoft Defender portal at <https://security.microsoft.com>, go to **Email & Collaboration** \> **Policies & Rules** \> **Threat policies** \> **Advanced delivery** in the **Rules** section. Or, to go directly to the **Advanced delivery** page, use <https://security.microsoft.com/advanceddelivery>.
@@ -367,6 +371,8 @@ In [Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-
 
 For detailed syntax and parameter information, see [Remove-ExoSecOpsOverrideRule](/powershell/module/exchange/remove-exosecopsoverriderule).
 
+<a name='powershell-procedures-for-third-party-phishing-simulations-in-the-advanced-delivery-policy'></a>
+
 ## PowerShell procedures for non-Microsoft phishing simulations in the advanced delivery policy
 
 In PowerShell, the basic elements of non-Microsoft phishing simulations in the advanced delivery policy are:
@@ -385,6 +391,8 @@ This behavior has the following results:
 - When you remove a policy from PowerShell, the corresponding rule is also removed.
 - When you remove a rule from PowerShell, the corresponding policy isn't removed. You need to remove the corresponding policy manually.
 
+<a name='use-powershell-to-configure-third-party-phishing-simulations'></a>
+
 ### Use PowerShell to configure non-Microsoft phishing simulations
 
 Configuring a non-Microsoft phishing simulation in PowerShell is a multi-step process:

defender-office-365/air-custom-reporting.md

@@ -14,7 +14,7 @@ search.appverid:
 ms.collection:
 - m365-security
 - tier2
-description: Learn how to integrate automated investigation and response with a custom or third-party reporting solution.
+description: Learn how to integrate automated investigation and response with a custom or non-Microsoft reporting solution.
 ms.date: 07/10/2024
 ms.custom: 
 - air
@@ -24,13 +24,13 @@ appliesto:
   - ✅ <a href="https://learn.microsoft.com/defender-xdr/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>
 ---
 
-# Custom or third-party reporting solutions for Microsoft Defender for Office 365 Plan 2
+# Custom or non-Microsoft reporting solutions for Microsoft Defender for Office 365 Plan 2
 
 [!INCLUDE [MDO Trial banner](../includes/mdo-trial-banner.md)]
 
 Automated investigation and response (AIR) in Microsoft Defender for Office 365 Plan 2 returns detailed information about the results. For more information, see [Details and results of automated investigation and response (AIR) in Microsoft Defender for Office 365 Plan 2](air-view-investigation-results.md).
 
-However, some Microsoft 365 organizations use custom or third-party reporting solutions. Those organizations can use the **Office 365 Management Activity APIs** to integrate information from AIR into other reporting solutions.
+However, some Microsoft 365 organizations use custom or non-Microsoft reporting solutions. Those organizations can use the **Office 365 Management Activity APIs** to integrate information from AIR into other reporting solutions.
 
 |Resource|Description|
 |:---|:---|

defender-office-365/air-user-automatic-feedback-response.md

@@ -94,6 +94,6 @@ Whether the message was automatically or manually sent to Microsoft for review,
 To learn more about submissions and investigations in Defender for Microsoft 365, see the following articles:
 
 - [Automated investigation and response in Microsoft Defender for Office 365](air-about.md)
-- [View the results of an automated investigation in Microsoft 365](air-view-investigation-results.md)
+- [View the results of an automated investigation in Microsoft Defender for 365](air-view-investigation-results.md)
 - [Admin review for reported messages](submissions-admin-review-user-reported-messages.md)
 - [Automated investigation and response (AIR) examples in Microsoft Defender for Office 365 Plan 2](air-examples.md)

defender-office-365/alert-policies-defender-portal.md

@@ -27,7 +27,7 @@ appliesto:
 
 [!INCLUDE [MDO Trial banner](../includes/mdo-trial-banner.md)]
 
-In Microsoft 365 organizations with mailboxes in Exchange Online, alert policies generate alerts in the alert dashboard when users take actions that match the conditions of the policy. There are many default alert policies that help you monitor activities. For example, assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing.
+In organizations with cloud mailboxes, alert policies generate alerts in the alert dashboard when users take actions that match the conditions of the policy. There are many default alert policies that help you monitor activities. For example, assigning admin privileges in Exchange Online, malware attacks, phishing campaigns, and unusual levels of file deletions and external sharing.
 
 ## What do you need to know before you begin?
 

defender-office-365/anti-malware-policies-configure.md

@@ -14,28 +14,28 @@ ms.assetid: b0cfc21f-e3c6-41b6-8670-feb2b2e252e5
 ms.collection:
   - m365-security
   - tier2
-description: Admins can learn how to view, create, modify, and remove anti-malware policies for email in Microsoft 365.
+description: Admins can learn how to view, create, modify, and remove anti-malware policies for cloud mailboxes.
 ms.custom: 
 ms.service: defender-office-365
 ms.date: 07/02/2025
 appliesto:
-  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections in Microsoft 365</a>
+  - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Default email protections for cloud mailboxes</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
   - ✅ <a href="https://learn.microsoft.com/defender-xdr/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>
 ---
 
-# Configure anti-malware policies for email in Microsoft 365
+# Configure anti-malware policies for cloud mailboxes
 
 [!INCLUDE [MDO Trial banner](../includes/mdo-trial-banner.md)]
 
-In Microsoft 365 organizations cloud mailboxes, email messages are automatically protected against malware. Microsoft 365 uses anti-malware policies for malware protection settings related to email. For more information, see [Anti-malware protection in Microsoft 365](anti-malware-protection-about.md).
+In all organizations with cloud mailboxes, email messages are automatically protected against malware. Microsoft uses anti-malware policies for malware protection settings related to email. For more information, see [Anti-malware protection](anti-malware-protection-about.md).
 
 The default anti-malware policy automatically applies to all recipients. For greater granularity, you can also create custom anti-malware policies that apply to specific users, groups, or domains in your organization.
 
 > [!TIP]
 > The default anti-malware policy applies to inbound and outbound email. Custom anti-malware policies apply to inbound email only.
 >
-> Instead of creating and managing custom anti-malware policies, we typically recommend turning on and adding all users to the Standard and/or Strict preset security policies. For more information, see [Configure protection policies](mdo-deployment-guide.md#step-2-configure-protection-policies).
+> Instead of creating and managing custom anti-malware policies, we typically recommend turning on and adding all users to the Standard and/or Strict preset security policies. For more information, see [Configure threat policies](mdo-deployment-guide.md#step-2-configure-threat-policies).
 >
 > To understand how threat protection works in Microsoft Defender for Office 365, see [Step-by-step threat protection in Microsoft Defender for Office 365](protection-stack-microsoft-defender-for-office365.md).