This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 56.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFD%3C/text%3E%3C/svg%3E)
Is there a way to send email notifications to someone when we assign an alert or incident specifically to them in Microsoft Defender? We already have email notifications set up for new alerts, but we're wondering if there is a way to notify team members when an alert has been assigned to them.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Thank you for posting this in Microsoft Q&A.
I am looking into this issue and will get back to you post my research.
Hello,
In Microsoft Defender for Cloud, you can configure email notifications for alerts and attack paths. These notifications ensure timely delivery to the appropriate recipients. Here’s how you can set it up:
- Notify about alerts with the following severity (or higher) and select a severity level.
- Notify about attack paths with the following risk level (or higher) and select a risk level.
For Microsoft Defender XDR, you can create rules to determine the devices and alert severities for email notifications. Here’s how:
I hope this helps!
Remember to accept the answer if it is helpful.
Thank you for posting this in Microsoft Q&A.
You can configure Microsoft Defender XDR to send email notifications to specified recipients for new alerts. This feature enables you to identify a group of individuals who will immediately be informed and can act on alerts based on their severity.
If you're using Defender for Business, you can set up email notifications for specific users (not roles or groups).
You can set the alert severity levels that trigger notifications. You can also add or remove recipients of the email notification. New recipients get notified about alerts triggered after they're added. For more information about alerts, see View and organize the Alerts queue.
If you're using role-based access control (RBAC), recipients will only receive notifications based on the device groups that were configured in the notification rule. Users with the proper permission can only create, edit, or delete notifications that are limited to their device group management scope. Only users assigned to the Global administrator role can manage notification rules that are configured for all device groups.
The email notification includes basic information about the alert and a link to the portal where you can do further investigation.
To create rules for alert notifications you can follow below article,
Let me know if you have any further questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.