Boost your detection and response workflows with alert tuning

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

As cyber threats become more sophisticated and frequent, organizations need to be vigilant in monitoring their digital assets for potential security breaches.


Microsoft 365 Defender is an XDR platform that delivers a unified investigation and response experience and provides native protection across endpoints, hybrid identities, email, collaboration tools, and cloud applications with centralized visibility, powerful analytics, and automatic attack disruption.


Today we are excited to introduce alert tuning in Microsoft 365 Defender to help security teams detect and respond to potential security threats even more effectively.


Alert tuning enhances how organizations monitor alerts and incidents. It enables analysts to set specific criteria to resolve alerts automatically using different attributes such as user, device, file, or app for all Microsoft 365 Defender sources. This feature makes it easier to calibrate alerts and keep the list of active incidents focused on the most relevant and critical issues.


Figure 1: New alert tuning experience in Microsoft 365 Defender


Alert tuning is designed to help security teams streamline their incident response process by automating the resolution of common and repetitive alerts. This will allow analysts to focus on the most critical issues, rather than getting bogged down in routine tasks, while also helping organizations respond to potential threats faster.


In addition, alert tuning will help enhance the overall accuracy of alert notifications by letting security teams set specific criteria for the alerts that are relevant to their environment. This will help reduce the number of false positives and further limit noise, so that analysts investigate and focus on prevalent security incidents instead.


The new alert tuning feature in Microsoft 365 Defender helps organizations better protect their digital estate against cyber threats by streamlining the incident response process and reducing false positives even further.

Start exploring this new feature today and find out how it can enhance your organization's detection and response process.

