Security

Microsoft Defender Email Security Benchmark Insights

3 min read

Summary

Microsoft has shared one year of real-world email security benchmarking data showing Defender consistently leading in pre-delivery detection versus SEG vendors. The latest results also show ICES tools add the most value for promotional and bulk email, while Defender now handles the vast majority of post-delivery malicious remediation.

Need help with Security?Talk to an Expert

Introduction

Microsoft has published a full year of email security benchmarking data for Microsoft Defender, comparing its performance with secure email gateway (SEG) and integrated cloud email security (ICES) vendors. For security teams, this matters because the data is based on real-world telemetry rather than synthetic tests, giving administrators a more practical view of how layered email protection performs in production.

What’s new in the latest benchmark

Over four consecutive quarterly reports, Microsoft says several trends have remained consistent:

  • Defender leads in pre-delivery detection: Since July 2025, Defender has missed fewer high-severity email threats than every SEG vendor evaluated.
  • Latest quarter widened the gap: From February to April 2026, Defender reportedly missed 59% fewer high-severity threats than the next-closest SEG vendor.
  • ICES value is strongest for promotional filtering: Across the last quarter, ICES vendors improved promotional and bulk email filtering by 16.85% on average.
  • Limited uplift for malicious and spam catch: Average ICES improvement was only 0.13% for malicious email and 0.28% for spam in the latest period.
  • Defender now dominates post-delivery remediation: Microsoft says Defender handled 96.03% of post-delivery malicious catch on average, up from 70.8% in the previous quarter.

Product innovation tied to the benchmark

Microsoft also linked recent Defender and Outlook improvements to lessons learned from this benchmarking effort:

  • A native Promotions folder in Outlook to better separate bulk and promotional mail from priority messages
  • AI-based grading enhancements to reduce manual review and speed analysis of submitted emails
  • Security Copilot Alert Triage Agent and Email Summary features to help SOC teams classify user-reported phishing faster and improve investigation accuracy

What this means for IT admins

For Microsoft 365 and security administrators, the report reinforces a few practical points:

  • Defender appears to be a strong primary control for pre-delivery email threat detection
  • Organizations using multi-vendor email security should evaluate ICES tools mainly for inbox clutter reduction rather than expecting major gains in malicious email detection
  • Post-delivery investigation and remediation remain critical, especially when users report suspicious messages after delivery

Next steps

Admins should review their current email security stack and compare it against these benchmark trends. If you use Defender with third-party ICES tools, validate whether those products are delivering measurable value in your environment, especially for promotional filtering, SOC workflow integration, and post-delivery response.

Teams should also watch for the general availability of the new Outlook Promotions folder and consider how Security Copilot capabilities could improve phishing triage and analyst efficiency.

Need help with Security?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Jeff Pinkston
Microsoft Defenderemail securitySEGICESphishing protection

Related Posts

Security

ASSERT Framework Turns AI Specs Into Executable Evals

Microsoft has released ASSERT, an open-source framework that converts natural-language behavior requirements into executable evaluation pipelines for AI models, agents, and applications. The tool helps teams build behavior-specific tests faster, improve regression coverage, and better validate whether AI systems follow product policies and safety expectations.

Security

AI Activity Investigations: New Microsoft Playbook

Microsoft has published a new investigator playbook to help security teams reconstruct AI-related activity across Microsoft 365 Copilot and Azure AI services. The guidance brings together telemetry, KQL queries, schema references, and detection logic across Purview, Defender, and Sentinel so investigators can move from isolated signals to a clear incident timeline.

Security

AI Brand Phishing Campaigns Target Microsoft Users

Microsoft Threat Intelligence reports a rise in phishing, malvertising, and SEO-driven attacks that abuse popular AI brands like ChatGPT, Claude, Copilot, and DeepSeek as social engineering lures. The campaigns use familiar tactics such as urgent payment notices, fake policy violations, and malicious installers to steal credentials, payment data, and deploy malware, making user awareness and layered defenses critical.

Security

AI GitHub Actions Secret Exposure in Claude Code

Microsoft Threat Intelligence found that Anthropic’s Claude Code GitHub Action could expose CI/CD secrets when AI agents process untrusted GitHub content such as issues, pull requests, and comments. Anthropic fixed the issue in Claude Code 2.1.128, but the research highlights broader risks for any AI-enabled workflow with access to secrets, file reads, or outbound communication.

Security

Agentic AI Failure Modes Taxonomy Updated by Microsoft

Microsoft has updated its taxonomy of failure modes in agentic AI systems after a year of red teaming against real-world deployments. The v2.0 framework adds seven new risk categories and expanded mitigations, giving security teams a more practical model for assessing agentic AI threats such as MCP/plugin abuse, goal hijacking, and session context contamination.

Security

Red Hat npm Miasma Attack Hits CI/CD Supply Chains

Microsoft Threat Intelligence uncovered a large-scale npm supply chain attack involving trojanized packages under the @redhat-cloud-services scope. The campaign abused a compromised CI/CD publishing workflow to deliver credential-stealing malware targeting GitHub, npm, AWS, Azure, GCP, Kubernetes, and developer systems, making it especially relevant for security teams and DevOps administrators.