New Microsoft 365 Defender RBAC (Preview)

Hi All,

I've stumbled accross the new Microsoft 365 Defender Role-based access control (RBAC). It is still in Preview but i gave it a go.For now you can create the RBAC Roles only in the M365 Defender Portal. But Graph Integration is at least on the Roadmap.

Centrally manage permissions with the Microsoft 365 Defender role-based access control (RBAC) model

Microsoft 365 Defender role-based access control (RBAC)

Let's have a look. You can find it under the Microsoft 365 Defender Portal https://security.microsoft.com/mtp_roles


Let's create a custom role


Give it a Name and some Discription if you like


Select one of the Categories


Select the Permissions you need or want



Add an assignment


Give it a name and select the Identities



The summary page


Sucessfully created the RBAC Role


That's how it looks like in the Portal



I guess because of the "Security data basics (read)" Permissions i could access a lot of Information.


For just Microsoft 365 Defender for Office 365 / Exchang Online Protection Quarantine it's better to use the "Email and Collaboration Roles"


And assign just the Quarantine Permission


That's much better if you just want someone to manage the Quarantine



Regards
Andres Bohren