Forensics and Incident Response

Respond faster to email attacks.

Identify

Users can report phishing and other suspicious emails to their IT administrators directly from the Outlook Essentials Message Actions add-in. This provides end users with a simpler way to report suspicious emails to their IT department. Reported messages will appear within Forensics and Incident Response for IT to review, investigate, and take corrective action.

Forensics and Incident Response gives you access to Insights, to glean more information about email use patterns. This intelligence can be used to identify anomalies within delivered mail and to uncover instances of phishing attacks that might otherwise go undetected.

Investigate

Identity all users who received malicious emails and clicked on links, replied to or forwarded these messages. Automatically send them email notifications with instructions to change their passwords and other necessary remediation actions.

Respond

Forensics and Incident Response lets you identify, track, and resolve email attacks that originate outside your organization, such as a phishing or ransomware attack. You can search for any ALLOWED email (by subject and/or sender) that your users report to you as malicious, identify all recipients, and perform remediation action on the same.

Use Forensics and Incident Response to identify users that received malicious email and automatically send alerts notifying them of an incident. These emails can be sent in bulk to all affected users.

Use Forensics and Incident Response to identify users that received malicious email and permanently remove malicious emails directly from user inboxes. This action can be taken by IT administrator without need to involve end users.