Microsoft has announced two major initiatives aimed at increasing transparency in email security effectiveness, addressing the growing challenge faced by chief information security officers (CISOs) in making data-driven cybersecurity decisions.
The company is launching a new customer-facing dashboard for Microsoft Defender for Office 365 and releasing comparative benchmarking reports to help organizations evaluate email security solutions.
The newly released Defender for Office 365 overview dashboard provides security teams with comprehensive visibility into cybersecurity effectiveness across multiple threat vectors.
The dashboard tracks threats blocked pre-delivery, threats mitigated post-delivery, and even “missed” threats, offering detailed insights into how Microsoft’s security capabilities perform.
“Our goal is simple: to help you confidently answer the question ‘How are my organization’s users being protected from malicious content and cyberattacks when using email and other collaboration surfaces like Microsoft Teams?'”
Microsoft stated in their announcement. The dashboard includes specific details on how Defender for Office 365 capabilities like Safe Links, Safe Attachments, and Zero-hour Auto Purge contribute to organizational threat protection.
Unlike traditional synthetic testing environments, Microsoft’s approach utilizes real-world threat data from the Microsoft ecosystem to provide objective comparisons at scale.
All data presented follows strict security and privacy principles, with aggregated and anonymized information similar to that published in the Microsoft Digital Defense Report.
Microsoft Defender for Office 365
Microsoft’s comprehensive benchmarking study analyzed seven Secure Email Gateway (SEG) vendors alongside Microsoft Defender for Office 365, revealing significant performance differences.
The analysis measured missed threats per 1,000 protected users, applying a stricter standard to Microsoft’s own solution than to competing vendors.
Results demonstrated that when baselined against other solutions, Defender for Office 365 missed the least threats among all tested platforms.
For SEG vendors, threats were considered “missed” only if not detected pre-delivery or not removed shortly after delivery, while Microsoft applied stricter criteria to its own solution, counting post-delivery removals as missed threats.
The study also examined Integrated Cloud Email Security (ICES) vendors, which operate as secondary filters after Microsoft Defender for Office 365.
Analysis showed that combining ICES products with Defender yielded the greatest impact in detecting promotional or bulk email, with an average improvement of 20%.
However, for malicious messages and spam, the average improvement was modest at 0.30% for malicious content and 0.51% for spam detection.
Quarterly Updates
Microsoft has engaged SE Labs, recognized experts in email security testing, to independently review their benchmarking methodology, ensuring adherence to the highest quality standards.
Simon Edwards, Founder and CEO of SE Labs, praised the initiative, stating that “showing the additional benefit uplift vendors provide using real threats, as Microsoft has done here, can help with this important decision.”
To support ongoing data-driven decisions for customers, Microsoft plans to provide quarterly updates for these benchmarks while continuing to refine their approach through ecosystem collaboration.
The company emphasized that security is “a team sport” and encourages customers to evaluate how solutions deployed in their tenants are collectively performing.
This transparency initiative represents Microsoft’s commitment to not only securing organizations but also providing reliable tools and actionable data to help customers evaluate security efficacy and maintain organizational safety in an increasingly complex threat landscape.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
.webp?w=356&resize=356,220&ssl=1 "Microsoft Teams Blocking Users from Accessing Embedded Office Documents")
