Updated August 15, 2024: We have updated the rollout timeline below. Thank you for your patience.
We will be gradually retiring the "Investigation priority score increase" policy support from Microsoft Defender for Cloud Apps between June and July 2024.
After careful analysis and consideration, we have decided to deprecate it due to the high rate of false positives associated with this alert, which we found was not contributing effectively to the overall security of your organization. Our research indicated that this feature was not adding significant value and was not aligned with our strategic focus on delivering high-quality, reliable security solutions. We are committed to continuously improving our services and ensuring that they meet your needs and expectations.
When this will happen:
We will begin rolling this out in late June 2024 (previously early June) and expect to complete by late September 2024 (previously late July).
How this will affect your organization:
SOC administrators and analysts will no longer be able to access, manage and use "Investigation priority score increase" alerts in "Microsoft Defender for Cloud Apps", when this change is implemented.
What you need to do to prepare:
If this policy type is used in your organization and is needed, we recommend using the Advanced Hunting query in the resource linked below.
Please use the following resources for additional information: