Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Advanced Threat Protection Whitelist 2019

    ATP needs a way to whitelist inbound email (IP or domain) from being quarantined as malware. Back in 2016 this issue was resolved by adding exchange mail flow rules to add headers. However, this method no longer works, and Microsoft support (ticket 12611412) confirms that ATP filters before mail rules are applied, and there is no way to whitelist inbound IP's to bypass ATP malware filtering. The only options in the settings is based on recipient. In my case, I want to whitelist to allow a Security Awareness Training provider to send test emails to our users. ATP is incorrectly…

    259 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    20 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow downloading malicious attachments in a password protected archive

    When attachments are detected as malware, upon downloading from O365 Security&Compliance for further investigation Defender immediately recognizes malware and deletes files. To allow further manual investigation or submission to e.g. sandbox there should be option to download (malicious) attachments in form of password protected archive. Something similar is already available in MS Defender ATP.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  3. Please show the malware name or type of malware in "View quarantined"

    Under Threat Management -> Review -> Quarantine, in the message details, Quarantine reason should not just put Malware but also malware name or type.

    Or have summarised details of the malware or a link to the details.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  4. Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    セキュリティ/コンプライアンスセンター迷惑メールの IP ブロックが、 [詳細な表の表示] に表示されない

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  5. Please create a PowerShell cmdlet to schedule when exporting malware of Real-time detections

    I would like you to create a PowerShell cmdlet to schedule when exporting malware of Real-time detections.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  6. MCAS support for other endpoint protection software

    It would be nice if MCAS integrated with other endpoint protection software rather than having to go with Windows Defender ATP

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  7. Freedom of custom text

    I want to be able to change the content of the notification text for each detected email when an email is detected as malware.

    This request is based on customer's voice.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  8. Extensions

    The Anti-Malware Policy should allow me to manually input file extensions that should be considered malware. I should not have to pick from a list provided by Microsoft (this is already an option with Exchange Transport Rules)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add visual indicator that malicious file blocked in "Shared with me/Shared by me"

    When Office 365 ATP for SharePoint, OneDrive, and Microsoft Teams is enabled, visual indicators that a file is blocked are present only in the Modern experience, however, these indicators do not surface in Shared with Me/Shared by Me. It would be useful to have these indicators appear in Shared with Me/Shared by Me to easily identify blocked files and for consistency across the Modern experience

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  10. malware

    Bypass Malware Filter

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. Problema al crear filtro de malware en el Centro de Administración de Exchange

    Desde hace varias semanas hemos venido recibiendo en varios buzones de correo mensajes que incluyen un archivo adjunto de tipo "IMG" (imágenes de disco) el cual a su vez contiene archivos ejecutables. Cuando el usuario abre el archivo adjunto, Windows 10 monta la imagen (crea una unidad de disco en el equipo) y muestra el contenido, el cual al ser abierto infecta el equipo y da inicio a una serie de tareas típicas en casos de malware.
    Días después del inicio de estos mensajes entrantes, encontramos que a través de una de las cuentas receptoras se estaban enviando masivamente mensajes…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  12. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  13. list the email that triggered the potentially malicious url click detected

    The Alert that is created for "A ptentially malicious URL click was detected" doesn't list where the URL was located. Please add the sender and subject line for the email that contained the URL to make it easier to find these emails.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  14. Notifications for Submission results in Security and Compliance Center

    Currently once a report has been submitted through the "Submissions" section of the "Threat Management" category inside the Security and Compliance Center, the only method of finding out when a submission rescan has completed is by going into the portal and checking for its status manually. Sometimes scans can take more than a day to complete, it would prove useful to have some kind of notifications for scan completion.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  15. Need a way to determine which messages failed ZAP

    There is an alert which states 'Malware auto purge failed due to user configuration' for users which have disabled junk mail. It list the users but I would like a way to pivot from this alert to see the specific messages for which ZAP failed.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  16. Option to disable common attachment types filter for internal mail only

    Today you can define common attachment types that will treat certain file types as malware. There should be an option in the malware policy that would ignore this filter for internal mail only, but treat such file types as usual for incoming external mail.

    As an example, ATP Safe Links have an option to ignore the mechanism for internal mail and so should the attachment filter.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  17. I want to be able to change the language of notification mail when detecting malware

    We recognize that the language of notification mail when detecting malware is only English and Japanese
    I want to be able to change the language of notification mail from English to Japanese

    8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  18. I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test.

    I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test. My suggestion is to perhaps check for malware?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add functionality of native link rendering to Outlook MSI Build

    Beginning in October 2018 my organization was please to hear the the extremely long Safe Links URLS are no longer being re-written in Outlook. Once I noticed it was working in OWA I contacted MicroSoft only to be told this is only for the Click2Run version of Outlook. My company has 1000's of users with MSO build already installed.

    Please bring this feature to ALL versions of ProPlus in the near future!

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. block only html attachment - not html email

    If you add .html as file type to the malware filter, also many html emails are blocked (not only html attachments).

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base