Enterprise Email Security Implementation

Automated quarantine digest, threat intel enrichment, and live KPIs for Microsoft 365.

Overview

We implemented a secure pipeline that ingests email threat data (spam, phishing, malware), enriches it with sender/IP intelligence, and generates an automated Quarantine Digest for end users and admins. A lightweight HTML dashboard surfaces trends, top senders, and release/keep actions. All actions are logged with correlation IDs for audit.

Microsoft Defender for O365, Graph/Exchange Online, Power Automate, PowerShell/Python, GitHub Pages

Architecture (simplified)

Email Security Sources: Defender for O365, EOP, Graph
Ingestion Flow: Power Automate / Script
Enrichment: Sender/IP intel, rules
Quarantine Digest: HTML email & dashboard
Storage & Logs: CSV/JSON + GitHub Pages

Pluggable: add VirusTotal/IPQualityScore, SIEM, or custom allow/deny logic.

Results

Mean time to release: ↓ 42%
User self-service actions: ↑ 31%
Action audit coverage: 99.9%
Unlogged releases: 0
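
The audit figures above (correlation IDs on every action, zero unlogged releases) can be checked by reconciling each item's state against the audit log. The Python below is an added example, not the project's own code; the record fields, the self-release policy and the sample data are assumptions constructed for illustration.

```python
import json
import uuid

# Constructed sample records; field names are assumptions for this example,
# not the Defender for Office 365 or Graph schema.
QUARANTINE = [
    {"id": "q1", "recipient": "ana@example.com", "sender_ip": "203.0.113.7", "type": "phish"},
    {"id": "q2", "recipient": "ana@example.com", "sender_ip": "198.51.100.4", "type": "spam"},
    {"id": "q3", "recipient": "bo@example.com", "sender_ip": "203.0.113.7", "type": "malware"},
]
IP_INTEL = {"203.0.113.7": "malicious"}  # constructed reputation table

def enrich(items, intel):
    """Add a reputation verdict, a correlation ID and the self-release flag."""
    out = []
    for raw in items:
        item = dict(raw, state="quarantined", correlation_id=str(uuid.uuid4()))
        item["reputation"] = intel.get(raw["sender_ip"], "unknown")
        # Assumed policy: users may only self-release spam from non-malicious IPs.
        item["self_release"] = raw["type"] == "spam" and item["reputation"] != "malicious"
        out.append(item)
    return out

def build_digest(items):
    """Group still-quarantined items per recipient for the digest email."""
    digest = {}
    for item in items:
        if item["state"] == "quarantined":
            digest.setdefault(item["recipient"], []).append(item["id"])
    return digest

def act(item, action, actor, audit_log):
    """Apply 'release' or 'keep'; the audit line is written before state changes."""
    allowed = action == "keep" or actor == "admin" or item["self_release"]
    result = {"release": "released", "keep": "kept"}[action] if allowed else "denied"
    audit_log.append(json.dumps({"correlation_id": item["correlation_id"],
                                 "item": item["id"], "actor": actor, "result": result}))
    if allowed:
        item["state"] = result
    return result

def reconcile(items, audit_log):
    """Return (audit coverage, ids of state changes with no matching log line)."""
    logged = {(e["correlation_id"], e["result"]) for e in map(json.loads, audit_log)}
    acted = [i for i in items if i["state"] != "quarantined"]
    unlogged = [i["id"] for i in acted if (i["correlation_id"], i["state"]) not in logged]
    return (1.0 if not acted else 1 - len(unlogged) / len(acted)), unlogged
```

Running `reconcile` on a schedule turns "unlogged releases" into a measured value: any item whose state changed outside `act` shows up in the returned list.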

Tech Stack

Microsoft Defender for Office 365
Exchange Online / Graph API
Power Automate (flows for ingestion, enrichment, digest build, artifact publish)
Optional enrichment via PowerShell/Python
Artifacts hosted on GitHub Pages (CSV/JSON)

Screenshots

Screenshot: Quarantine email list in Microsoft 365. Admin quarantine view (data source for the daily Digest).
Screenshot: Threat analytics dashboard with trends and KPIs.
© Arc Innovations — Security Automation