This demo shows how Defender for Office 365 Plan 2 uses Explorer to hunt and remediate malicious email, and how the new Email entity page in Microsoft 365 Defender makes investigations faster. It walks through Explorer views (Malware, Phish, User submissions, All email, Campaigns), filtering by recipients, attachments, tags, priority accounts, and date ranges—then using Advanced queries when you need more precision. From an email result, it opens the new email page: basic detection/email details, a chronological timeline, deep Analysis data (detection, sender/recipient, authentication, full header), plus Attachments and URL tabs with detonation insights (verdict reasons, IoCs, observed behaviors, dropped files, contacted IPs, screenshots). It also shows Email preview and wraps with taking remediation actions in bulk from Explorer, tracked later in Action Center—no PowerShell gymnastics required.
We produced this as an investigation-first demo that mirrors how analysts actually work: start in Explorer, pivot into the email page for the truth, then act. The edit keeps the viewer oriented as the workflow moves from list views to deep analysis, and the pacing gives just enough breathing room on the “this is the important pane” moments so the details stick. Final delivery includes closed captions, audio description, and thumbnails.
The inevitable sequels
Hollywood keeps stretching good ideas into progressively worse sequels. We don’t. These are the related videos—spiritual siblings of the one you just watched—as good or better than this video. Expect callbacks, new plot twists, and maybe even a scene-stealing cameo from a lower third.
