{"id":14866,"date":"2026-02-07T09:01:29","date_gmt":"2026-02-07T00:01:29","guid":{"rendered":"https:\/\/m365jp.net\/?p=14866"},"modified":"2026-02-07T09:03:18","modified_gmt":"2026-02-07T00:03:18","slug":"mc1228325-public-preview-new-built-in-alert-tuning-rules-for-microsoft-defender-for-endpoint-in-microsoft-defender-xdr","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-02-07-mc1228325-public-preview-new-built-in-alert-tuning-rules-for-microsoft-defender-for-endpoint-in-microsoft-defender-xdr","title":{"rendered":"MC1228325 | (Public Preview) New built in alert tuning rules for Microsoft Defender for Endpoint in Microsoft Defender XDR"},"content":{"rendered":"
\n
\n
\n\n\n\n
MC1228325 | (Public Preview) New built in alert tuning rules for Microsoft Defender for Endpoint in Microsoft Defender XDR<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n\n\n\n\n\n\n\n
Classification<\/th>\nstayInformed<\/td>\n<\/tr>\n
Last Updated<\/th>\n02\/06\/2026 23:24:27<\/td>\n<\/tr>\n
Start Time<\/th>\n02\/06\/2026 23:22:58<\/td>\n<\/tr>\n
End Time<\/th>\n03\/20\/2026 07:00:00<\/td>\n<\/tr>\n
Message Content<\/th>\n\n

[Introduction]<\/b><\/p>\n

Microsoft Defender XDR is adding six new Microsoft-curated built-in alert tuning rules for Microsoft Defender for Endpoint (MDE<\/b>) to help reduce low-priority endpoint alerts reaching your queues. <\/p>\n

[When this will happen:]<\/b><\/p>\n

    \n
  • February 8, 2026: Rules become visible in the portal (Preview) for review. <\/li>\n
  • February 8\u2013February 18, 2026: Rules are visible but not active, so you can review and opt out if needed. <\/li>\n
  • February 18, 2026: Rules become active by default. <\/li>\n<\/ul>\n

    [How this affects your organization:]<\/b><\/p>\n

    Who is affected: <\/b>Admins using Microsoft Defender XDR with MDE.<\/p>\n

    What will happen:<\/b><\/p>\n


    <\/b><\/p>\n

      \n
    • With the default experience, you should see fewer informational or low severity endpoint alerts in your incident\/alert queues, because matching alerts will be handled automatically. <\/li>\n
    • Some rules use Resolve <\/b>and others use Set as Behavior<\/b>, which reclassifies an alert as a behavior record. These alerts will not appear in open alert queues. They also will not generate incidents, while still remaining available for investigation and hunting.<\/li>\n
    • You stay in control: all built in rules are visible in Settings <\/b>> Microsoft Defender XDR<\/b> > Alert Tuning<\/b>, and you can disable any rule anytime<\/b>. <\/li>\n<\/ul>\n

      [What you can do to prepare:]<\/b><\/p>\n

Machine Translation<\/th>\n\n

[\u306f\u3058\u3081\u306b]<\/b><\/p>\n

Microsoft Defender XDR\u306f\u3001Microsoft Defender for Endpoint(MDE<\/b>)\u5411\u3051\u306b\u3001\u4f4e\u512a\u5148\u5ea6\u306e\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30a2\u30e9\u30fc\u30c8\u304c\u30ad\u30e5\u30fc\u306b\u5c4a\u304f\u306e\u3092\u6e1b\u3089\u3059\u305f\u3081\u306b\u3001Microsoft\u304c\u53b3\u9078\u3057\u305f6\u3064\u306e\u65b0\u3057\u3044\u30a2\u30e9\u30fc\u30c8\u30c1\u30e5\u30fc\u30cb\u30f3\u30b0\u30eb\u30fc\u30eb\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002<\/p>\n

[\u3044\u3064\u8d77\u3053\u308b\u304b:]<\/b><\/p>\n