Staying ahead of malicious threats is paramount. With the proliferation of sophisticated malware, organizations face an uphill battle in safeguarding their digital assets. Microsoft Defender Secure Score emerges as a beacon of defense, offering actionable insights to fortify resilience against cyber-attacks. 

This post highlights the implementation of zero-hour auto purge policies,

Note: “Recommended action” Remediations as identified by “Microsoft 365 admin center Portal ( \ Security \ Secure score \ Recommended actions”

Rank Recommended action

132 Create zero-hour auto purge policies for malware

Microsoft Security Score

Secure Score Improvement: +0.57%



Zero-hour auto purge (ZAP) quarantines the message that contains malware attachment for both read, as well as unread, messages that are found to contain malware after delivery. Only admins can view and manage messages that have been quarantined.

For additional information, see Zero-hour auto purge in Microsoft Defender for Office 365 | Microsoft Learn

Implementation status

100% of users are affected by policies that are configured securely

  • Strict Preset Security Policy1705598237230 – 1 users (100%)



You have Microsoft Defender for Office 365 P1.

Next steps

Ensure that all users have an assigned Anti-malware policy with the ‘Enable zero-hour auto purge for malware’ option enabled, by either updating your existing policies or creating new ones.

For detailed implementation instructions, see Configure anti-malware policies | Microsoft Learn

Learn more


bolstering cybersecurity posture.