Description
User-Based Aggregation consolidates DLP alerts by user identity i.e. a DLP rule violations, in a specified aggregation time window, of the same rule and single user will be aggregated into a single alert enabling quicker triage and remediation. Instead of reviewing alerts containing rule match events of multiple users, DLP admin can now analyze grouped DLP rule match events per user, gaining insights into repeated policy violations and anomalous behavior.
Change History
February 26, 2026 at 2:00 AM
Updated
Status
Previous
In development
New
Rolling out
Modified Date
Previous
2025-12-10T00:15:49.000Z
New
2026-02-26T00:15:05.000Z
January 21, 2026 at 6:00 PM
Updated
Product
Previous
Microsoft Purview compliance portal
New
Microsoft Purview
Never Miss a Microsoft 365 Update
Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.