Microsoft Defender Integration with MetaPhish

Integrate the MetaPhish 'Report a phish' button with Microsoft Defender for Office to send emails to Microsoft’s Submissions page for analysis.

How it works

  1. With this integration, you can allow your users to report suspicious emails to both your organisation and Microsoft with a single action.
  2. In the Microsoft 365 Defender platform, the Submissions page receives emails that users report. 


  1. Enhanced Security Insights: This integration ensures that reported phishing emails are not only flagged within MetaPhish but also analysed by Microsoft Defender, providing comprehensive insights into potential threats without sacrificing any functionality of Defender's analytics.
  2. Streamlined Phishing Reporting: The integration streamlines the phish reporting process for users. When they identify a suspicious email, and report it using MetaPhish's button, the email is simultaneously sent to Microsoft Defender for analysis. This ensures that users can efficiently report phishing attempts without disrupting their workflow, while also benefiting from the added security measures of both platforms.
  3. Improved Risk Management: By feeding reported phishing attempts into MetaPhish's platform, the integration enables users to track and manage their risk more effectively. Information about reported phishing attempts is captured within MetaPhish, allowing users to monitor who has reported the phish and how it has impacted their risk score. This holistic approach to risk management empowers users to better understand and mitigate potential security threats.

The following article will help to get you started: How to set up Microsoft Defender Integration

Back to all articles