Hi IMK
If you are not receiving any information about incidents related to Controlled Folder Access in the Microsoft 365 Security portal or through email notifications, there could be a few potential reasons for this issue:
Configuration Issue: Ensure that the necessary settings are properly configured in both Intune and Defender for Business to capture and report incidents. Review the configuration settings related to incident reporting and notifications in both Intune Endpoint Security and Defender Security Center to verify that they are set correctly.
Delayed Reporting: Sometimes, there can be a delay in incident reporting and data synchronization between the endpoint device and the security portal. Allow some time for the incidents to be reported and synchronized to the portal. Check the timestamp of the incidents in the Defender Security Center to see if there is any significant delay in reporting.
Filtering and Alert Settings: Check the filtering and alert settings in the Microsoft 365 Security portal to ensure that incidents related to Controlled Folder Access are not being filtered out or suppressed. Adjust the settings as necessary to include the desired incidents in the portal and email notifications.
Licensing Limitations: Confirm that your M365 Business Premium licenses include the necessary features for incident reporting and monitoring. Review the licensing documentation to ensure that the licenses you have provide access to the desired incident reporting capabilities.
Permission Issues: Ensure that the account you are using to access the Microsoft 365 Security portal has the necessary permissions to view and receive incident reports. Check your user roles and permissions in the portal to ensure that you have the appropriate access.
If none of the above steps resolve the issue, it is recommended to reach out to Microsoft Support for further assistance.