New Microsoft 365 Defender RBAC (Preview)

Hi All,

I’ve stumbled accross the new Microsoft 365 Defender Role-based access control (RBAC). It is still in Preview but i gave it a go.For now you can create the RBAC Roles only in the M365 Defender Portal. But Graph Integration is at least on the Roadmap.

Let’s have a look. You can find it under the Microsoft 365 Defender Portal

Let’s create a custom role

Give it a Name and some Discription if you like

Select one of the Categories

Select the Permissions you need or want

Add an assignment

Give it a name and select the Identities

The summary page

Sucessfully created the RBAC Role

That’s how it looks like in the Portal

I guess because of the “Security data basics (read)” Permissions i could access a lot of Information.

For just Microsoft 365 Defender for Office 365 / Exchang Online Protection Quarantine it’s better to use the “Email and Collaboration Roles”

And assign just the Quarantine Permission

That’s much better if you just want someone to manage the Quarantine

Andres Bohren