Microsoft recently introduced manual incident creation in preview for Defender to help security teams investigate threats beyond automated detections. Analysts can now instantly track, manage, and correlate user reported threats and other security findings, even when no alert is generated automatically.
Microsoft has introduced two new service plans named ‘Entra Conditional Access for Agents’ and ‘Entra ID Protection for Agents’ under Microsoft 365 Agent and E7 licenses. Starting in July 2026, organizations using agent security capabilities must ensure they have the required Microsoft 365 Agent or E7 licenses to continue accessing these features without disruption. This blog explains the licensing update, its impact on organizations, and the steps admins should take to ensure AI agents remain protected.
Starting September 7, 2026, Microsoft Entra ID will require explicitly registered authentication methods for Self-Service Password Reset (SSPR) verification. This blog dives into the details of this security update and the critical actions admins must take to prepare.
Until now, organizations needed an Office 365 Extra File Storage add-on for additional SharePoint storage, which required fixed-capacity purchases that often led to unused costs. To address this, Microsoft has introduced a pay-as-you-go billing model for SharePoint storage in Microsoft 365. This allows organizations to pay only for the additional storage they consume beyond their included quota. In this blog, we’ll explore Microsoft’s pay-as-you-go SharePoint storage model and how it can help optimize costs.
The introduction of Device Soft Delete in Microsoft Entra ID (Public Preview) brings a much-needed recovery layer for device management. Instead of being permanently deleted, devices now move into a soft-deleted state, allowing admins a 30-day window to restore them when needed.
Starting in early June 2026, Microsoft Outlook will support external email tags within inbox rules, allowing users to automatically organize and categorize external emails for improved prioritization.
Struggling to automate secure monitor manage M365?
Try AdminDroid for Free!Get Microsoft 365 Security tips & best practices
Learn how to create manual incidents and alerts in Microsoft Defender and investigate user reported threats beyond automated detections.
6 min read
Use custom account correlation rules in Microsoft Defender to link related identities and improve threat detection.
10 min read
Discover why attackers target workload identities and how to detect, remediate, and secure them in Microsoft Entra ID.
13 min read
Microsoft will require registered authentication methods for SSPR verification. Find unregistered users amd prepare for enforcement.
4 min read
Learn how to securely configure the My Staff portal in Microsoft Entra ID using PIM and Conditional Access to protect delegated admin access.
9 min read
Create a SharePoint site ownership policy to detect ownerless sites, notify users to assign owners, and enforce read-only or archive actions.
11 min read
Detect Storm-2949 attacks in Microsoft 365 using AdminDroid. Identify and act early before it escalates into a cloud breach
8 min read
Learn how to control unmanaged device access in SharePoint Online to protect data by limiting or blocking access from non-compliant devices at tenant and site level.
11 min read
Explore default user permissions in Microsoft 365 and learn how to manage these built-in settings that are enabled by default.
13 min read
Discover how the Shadow AI page in Microsoft 365 helps you identify, monitor, and block unauthorized AI tools to reduce risk and secure usage.
4 min read
Discover the top Microsoft 365 security settings you should disable to reduce risks, prevent data exposure, and strengthen tenant security.
16 min read
Learn how to prevent calendar phishing attacks in Microsoft 365 and protect users from malicious meeting invites that bypass email security.
12 min read