Since our inception, we've prided ourselves on "catching what Microsoft misses." We scan every email that Microsoft lets through and give it a thumbs up or down, providing a critical second layer of security.

We continue to do this with high efficacy.

Recently, we've heard from many customers and prospects that Microsoft's new Secure by Default approach has some pros and cons. In this approach, emails deemed as High-Confidence Phishing by Microsoft are automatically quarantined, regardless of policy.

This is more secure, and we applaud that. However, customers and prospects have noted that many of these High-Confidence phishing detections aren't actually phishing. This leads to admins spending a lot of time reviewing and releasing from quarantine.

We integrate with the Microsoft quarantine via our patented Unified Quarantine feature. This allows us to inspect every email quarantined by Microsoft.

Now, we can configure it to automatically release emails quarantined by Microsoft as high-confidence phishing, so long as we classify them as clean. 

Essentially, we can inspect all items in the Microsoft quarantine. If we think a Microsoft high-confidence phishing detection is clean, admins can now configure those emails to be automatically released from quarantine.

If we scan the email and it is indeed phishing, it stays right where it is. If it isn't, per policy, it can go safely into the user's inbox. 

This allows us to abide by Microsoft's Secure By Default approach while ensuring that all blocked emails stay blocked, and all legitimate emails reach their intended recipient.