Feedback by UserVoice

Office 365 Security & Compliance

We have partnered with UserVoice, a third-party service and your use of the portal and your submission is subject to the UserVoice Terms of Service & Privacy Policy. Please do not send any novel or patentable ideas, copyrighted materials, samples or demos for which you do not want to grant a license to Microsoft.

Welcome to the Security (Protection) & Compliance UserVoice forum. We’re happy you’re here! If you have suggestions or ideas on how to improve Security or Compliance related features in O365, we’d love to hear them!

How it works
◾Check out the ideas others have suggested and vote on your favorites
◾If you have a suggestion that’s not listed yet, submit your own — 25 words or less, please
◾Include one suggestion per post

Thanks for joining our community and helping improve these features in Office 365!

Need Tech Support? Please see the O365 Community for the product or feature you are having issues with, or open a support ticket through your Office 365 administrator portal.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. MCAS support for other endpoint protection software

    It would be nice if MCAS integrated with other endpoint protection software rather than having to go with Windows Defender ATP

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow downloading malicious attachments in a password protected archive

    When attachments are detected as malware, upon downloading from O365 Security&Compliance for further investigation Defender immediately recognizes malware and deletes files. To allow further manual investigation or submission to e.g. sandbox there should be option to download (malicious) attachments in form of password protected archive. Something similar is already available in MS Defender ATP.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  3. Please show the malware name or type of malware in "View quarantined"

    Under Threat Management -> Review -> Quarantine, in the message details, Quarantine reason should not just put Malware but also malware name or type.

    Or have summarised details of the malware or a link to the details.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  4. Please create a PowerShell cmdlet to schedule when exporting malware of Real-time detections

    I would like you to create a PowerShell cmdlet to schedule when exporting malware of Real-time detections.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  5. Freedom of custom text

    I want to be able to change the content of the notification text for each detected email when an email is detected as malware.

    This request is based on customer's voice.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  6. Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    Security / Compliance Center Junk E-mail IP block does not appear in Show Detailed Table

    セキュリティ/コンプライアンスセンター迷惑メールの IP ブロックが、 [詳細な表の表示] に表示されない

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  7. Extensions

    The Anti-Malware Policy should allow me to manually input file extensions that should be considered malware. I should not have to pick from a list provided by Microsoft (this is already an option with Exchange Transport Rules)

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  8. Notifications for Submission results in Security and Compliance Center

    Currently once a report has been submitted through the "Submissions" section of the "Threat Management" category inside the Security and Compliance Center, the only method of finding out when a submission rescan has completed is by going into the portal and checking for its status manually. Sometimes scans can take more than a day to complete, it would prove useful to have some kind of notifications for scan completion.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  9. malware

    Bypass Malware Filter

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  10. Problema al crear filtro de malware en el Centro de Administración de Exchange

    Desde hace varias semanas hemos venido recibiendo en varios buzones de correo mensajes que incluyen un archivo adjunto de tipo "IMG" (imágenes de disco) el cual a su vez contiene archivos ejecutables. Cuando el usuario abre el archivo adjunto, Windows 10 monta la imagen (crea una unidad de disco en el equipo) y muestra el contenido, el cual al ser abierto infecta el equipo y da inicio a una serie de tareas típicas en casos de malware.
    Días después del inicio de estos mensajes entrantes, encontramos que a través de una de las cuentas receptoras se estaban enviando masivamente mensajes…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  11. list the email that triggered the potentially malicious url click detected

    The Alert that is created for "A ptentially malicious URL click was detected" doesn't list where the URL was located. Please add the sender and subject line for the email that contained the URL to make it easier to find these emails.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  12. Option to disable common attachment types filter for internal mail only

    Today you can define common attachment types that will treat certain file types as malware. There should be an option in the malware policy that would ignore this filter for internal mail only, but treat such file types as usual for incoming external mail.

    As an example, ATP Safe Links have an option to ignore the mechanism for internal mail and so should the attachment filter.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  13. I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test.

    I ran a malware test from https://www.emailsecuritycheck.net and Outlook 365 failed every test. My suggestion is to perhaps check for malware?

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  14. Add visual indicator that malicious file blocked in "Shared with me/Shared by me"

    When Office 365 ATP for SharePoint, OneDrive, and Microsoft Teams is enabled, visual indicators that a file is blocked are present only in the Modern experience, however, these indicators do not surface in Shared with Me/Shared by Me. It would be useful to have these indicators appear in Shared with Me/Shared by Me to easily identify blocked files and for consistency across the Modern experience

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  15. block only html attachment - not html email

    If you add .html as file type to the malware filter, also many html emails are blocked (not only html attachments).

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  16. 3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  17. Need a way to determine which messages failed ZAP

    There is an alert which states 'Malware auto purge failed due to user configuration' for users which have disabled junk mail. It list the users but I would like a way to pivot from this alert to see the specific messages for which ZAP failed.

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  18. ransomware

    I want to report the other day A screen appeared in a window which I believe was an attempt at ransomware, It said it was from Microsoft, which I don't believe, it said that my device had a virus and that I should call Microsoft right away. It also warned not to close the page and if I didn't comply they would disable my computer. It said the virus was number 268B3 and I should call Microsoft at 1-888-814-9523. I hope you can find the criminal and take him or her off the cyberspace.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  19. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
  20. Ability to whitelist 3rd party anti-phish reporting tools

    Although the malware filters are working as expected, some companies I have worked for use third party tools (i.e. PhishMe or PhishGuru) to mitigate Phishing and Spam emails.

    These tools come with Outlook Add-in's for users to submit emails that did not get blocked originally. Since the malicious email made it through to the users mailbox, by the time they submit to such a service, the email gets blocked by the Malware filter now, recognized the malicious and therefore it goes unreported or in our case the user gets an email from EOP station that the message was rejected as…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Malware  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base