This demo tours the new unified Submissions experience in the Microsoft 365 Defender portal—the single Submissions page where SecOps can manage user-reported messages plus admin submissions for emails, email attachments, URLs, and files. It starts on the User reported messages tab (Explorer-like list view), then shows the required configuration to enable user reporting and decide where reports go (Microsoft, a mailbox you choose, or both—along with the note that submissions sent to Microsoft include the message as-is). From an individual reported message, it reviews the details pane (reported message details, delivery details, threat type, delivery action, plus extracted URLs and attachments) and calls out whether the item has been converted to an admin submission. It then moves into the admin submission tabs—Emails (submit by network message ID or upload an email file, flag false positive/negative, and optionally allow similar emails temporarily), Email attachments (upload the file), URLs (submit and track analysis), and Files (upload up to 500 MB, categorize as malware/unwanted software/clean, choose priority with a limit of three high-priority submissions per day, add notes, and submit).
We produced this as a “one page, all submissions” walkthrough that keeps the interface—and the decision points—easy to absorb. The script is built around the real sequence analysts follow (review, validate, submit, track), the screen capture stays tight on the fields that matter, and the edit trims away navigation drift so viewers come away knowing exactly where to go and what levers to pull. Final delivery includes closed captions, audio description, and thumbnails.
The inevitable sequels
Hollywood keeps stretching good ideas into progressively worse sequels. We don’t. These are the related videos—spiritual siblings of the one you just watched—as good or better than this video. Expect callbacks, new plot twists, and maybe even a scene-stealing cameo from a lower third.
