Microsoft Office 365 Advanced Threat Protection

Industry-leading protection

microsoft logo png Within Microsoft's leading Office 365 suite is their Microsoft Office 365 Advanced Threat Protection (ATP) platform that provides protection using trillions of signals from the Microsoft Intelligent Security Graph and analyzing billions of emails daily. The tool protects mailboxes, files, and productivity and collaboration applications against sophisticated attacks in near real-time.

Organizations already using the Office 365 suite may find this solution interfaces well within their existing security framework.

Actionable Insights

A security and compliance dashboard creates actionable insights to help prioritize potential threats. The platform provides recommendations for addressing phishing and malware.

Automated Response

Office 365 ATP provides security playbooks and investigation graph capabilities to help investigate and remediate attacks more efficiently.

Training Users

Organizations can run attack simulations and warn users before they click on unknown links and files, helping them report suspicious content.

Microsoft Office 365 Advanced Threat Protection Overview

Threat Protection Policies

Microsoft Office 365 Advanced Threat Protection offers flexible policy options. An organization can set fine-tuned protection at the user, organization, recipient and domain levels.

Anti-Phishing Protection

Phishing is remains the top attack vector for cyber-attacks. Spear phishing and whaling are incredibly common in today's cyber security landscape. Office 365 ATP has built-in intelligence for your organization's domains and well as external ones.

ATP Safe Attachments

ATP Safe Attachments Provides zero-day protection for a business' messaging system by checking email attachments for malicious content. It routes all attachments that do not have a virus/malware signature to a special environment, and then uses machine learning and analysis techniques to detect malicious intent.

ATP Safe Links

Get time-of-click verification on email URLs in both emails and Office files. Safe links remain accessible to the organization while malicious ones are dynamically blocked.

ATP for SharePoint, OneDrive, and Microsoft Teams

If your organization already utilizes the collaborative and productivity applications in Office 365, ATP will provide an extra layer of protection by scanning team sites and document libraries.

Reports

Reports update in real-time, providing businesses with the latest insights. Predefined reports include:

Threat Explorer
Threat Protection Status Report
ATP File Types Report
ATP Message Disposition Report
Email Security Report
EOP and ATP Results and Detections Reports

Threat Investigation & Response Capabilities

Office 365 ATP Plan 2 includes threat investigation and response tools.

Threat Trackers

See the latest intelligence on prevailing cybersecurity issues. Available trackers include Noteworthy trackers, Trending trackers, Tracked queries, and Saved queries.

Threat Explorer (or Real-Time Detections)

Real-time report that allows you to identify and analyze recent threats. You can configure Explorer to show data for custom periods.

Attack Simulator

This powerful tool allows organizations to run realistic attack scenarios in your organization to identify vulnerabilities. Just a few simulations available include:

Display-name spear phishing attack
Password-spray attack
Brute-force password attack

Automated Responses

Automated Investigation and Response (AIR) capabilities include security playbooks which can be deployed automatically. AIR can save a security operations team time and effort.

How to get Office 365 ATP

Office 365 ATP is included in certain subscriptions, such as Microsoft 365 E5, Office 365 E5, Office 365 A5, and Microsoft 365 Business. If your subscription does not include Office 365 ATP, you can purchase ATP Plan 1 or ATP Plan 2 as an add-on to certain subscriptions.