Skip to main content

Product Release Note - February 2026 - Meet Overe GSO: the operating layer for Microsoft 365 security

D
Written by David McCandless
Updated this week

This week we started the rollout of a major new opt-in capability in Overe: Guided Security Operations (GSO).

From customer feedback and real-world usage, one thing has become very clear:
For most teams, Overe is already a core part of day-to-day Microsoft 365 security operations, spanning detection and response, policy enforcement, and ongoing risk management.
At the same time, we see that some admins, especially busy or more junior team members, still hit friction when moving from seeing risk to taking confident action.

Not because the capabilities aren’t there.

But because there’s still a gap between seeing risk and acting with confidence.

GSO is built to close that gap.

In short:
Overe GSO turns Microsoft 365 security from a collection of tools into an operating model, making risk easy to understand, telling teams what to do, in what order, and why, and making it safe to act with confidence.

What’s included in the first release?

We’re introducing GSO incrementally, starting in Deep Scan:

  • Scan results are turned into prioritised, risk-weighted actions

  • Each item explains what’s wrong, why it matters, and what’s safe to change

  • The goal is to reduce guesswork and increase confidence when taking action

Over time, GSO will expand into alerts, investigations (guided forensics), policy enforcement, and all other areas of the platform as we refine the experience.

Built on your data, in your context

GSO does not rely on other customers’ data or generic, one-size-fits-all advice.

All guidance is based on:

  • Your (or your clients) tenant’s data and configuration

  • The capabilities enabled in your Overe platform

  • The Microsoft licenses in place (and what is or isn’t actually available to you)

  • And your business context, such as environments with high-risk users or specific operational priorities that need extra attention

Microsoft 365 security can be a minefield of features, SKUs, and constraints. GSO takes a holistic approach, guiding you based on what you actually have, what you can use, and what matters most in your environment, rather than assuming a perfect or fully licensed world.

If you’d like to see how we think about this from an AI and trust perspective, our principles are here: https://trust.overe.io/overe-ai-principles

Screenshot 2026-02-04 093521

How access works

We’re carefully onboarding customers who are willing to use GSO in real environments and give feedback, so we can refine the guidance and prompts before wider rollout.

  • Paid customers: You can request access to the GSO beta by responding to this email and we will schedule a short call to walk you through the service. We’ll be approving access in waves as we onboard participants.

  • Trial users: This email is to let you know what’s now rolling out in Overe and what’s coming next.

GSO vs. Microsoft Security Copilot

Unlike some approaches such as Microsoft Security Copilot, GSO does not require E5 licensing. It’s designed to work with the reality of mixed licenses and real-world constraints.

You can see how we differ here:
https://intercom.help/overe/en/articles/13571275-how-does-overe-s-approach-to-ai-differ-from-microsoft-security-copilot

We’ll be sharing more details as the rollout continues, but we wanted to let you know this is now underway and where it’s heading.

If you have any questions, please reach out or book a call with us to walk through our service.

Best Regards,

Paul & Overe Team

Did this answer your question?