How to integrate Outlook Reporting with CyberPilot
See when your users click the "report" button in Outlook to report suspicious emails when doing phishing training.
When users receive a simulated phishing email and click the "report this mail as phishing" button, you can see these reports in the CyberPilot app. In order to use this feature, you must have a Microsoft Entra ID (formerly Azure AD) integration and set some additional permissions.
To Do
- If you have not already made the Microsoft Entra ID integration, then do that first. Follow the guide here.
- When you have set up the Microsoft Entra ID integration, you are ready to set the additional permissions. Follow the guide here.
- Let your Customer Success Manager know when you are done.
Note: Some Microsoft permissions take 24 hours to become active, so be patient.
Will not work on hybrid or on-prem solutions
Microsoft Report Message Add-in is primarily designed to work with mailboxes hosted in Exchange Online. In a hybrid setup, if user mailboxes are still located on-premises (e.g., Exchange Server 2019), the add-in cannot send report data to Microsoft Defender or Microsoft 365 Security & Compliance. This limitation is what causes the Report Message button to appear grayed out or disabled in Outlook.
This is a technical limitation on Microsoft’s side.
Still have a question?
Contact us at support@cyberpilot.io