Description
We are expanding the auto-remediation capabilities in Automated Investigations and Response (AIR) to fully automate the remediation of malicious similarity clusters. Earlier this year, we introduced auto-remediation for malicious URL and file clusters. Building on that foundation, this enhancement enables AIR to automatically approve all pending remediation actions it generates—eliminating the need for manual intervention and streamlining the response process for SOC teams. This advancement significantly reduces response time and operational overhead, allowing security teams to focus on higher-priority threats.
Change History
February 24, 2026 at 8:00 PM
Updated
Product
Previous
Microsoft 365 Defender, Microsoft Defender for Office 365
New
Microsoft Defender for Office 365
Modified Date
Previous
2025-12-16T00:15:28.000Z
New
2026-02-24T16:30:56.000Z
December 16, 2025 at 4:01 AM
Updated
Status
Previous
In development
New
Launched
Modified Date
Previous
2025-09-03T23:00:02.000Z
New
2025-12-16T00:15:28.000Z
Never Miss a Microsoft 365 Update
Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.