Microsoft has introduced support for near real-time custom detections in its Microsoft 365 Defender solution. The new Continuous (NRT) feature enables customers to create custom detection rules that run in near real-time to block sophisticated attacks.
Microsoft 365 Defender allows customers to create custom detection rules to monitor specific threats, activities, and misconfigured endpoints. These rules are based on specified conditions and can be used to trigger alerts, notifications, and response actions. Microsoft 365 Defender also provides a set of predefined detection rules that can be customized to meet specific requirements.
“These detections can be integrated with the broad set of Microsoft 365 Defender across email, endpoint, and identity, leading to faster response times and faster mitigation of threats. This means your custom logic will run and evaluate all available signals and alerts faster than ever before and will trigger your predefined response action immediately, once a match is detected,” the Microsoft 365 Defender team explained.
Microsoft has emphasized that enterprise customers are facing a growing number of online threats, so organizations must implement strong security measures to address these threats and protect sensitive data. These custom detections and automated response capabilities will help IT admins monitor recent vulnerabilities. The feature also makes it easier for administrators to detect and remove unwanted emails.
Microsoft says that the near real-time detection capabilities are available in preview for all businesses. The company encourages customers to provide feedback to improve threat detection and response mechanisms in enterprise environments.