Microsoft Advanced Threat Protection

Microsoft Partner

Microsoft Office 365 Advanced Threat Protection (ATP) is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real time. ATP has rich reporting and URL trace capabilities that give administrators insight into the kind of attacks happening in your organization.

The following are the primary ways you can use ATP for message protection:

  • In an Office 365 ATP filtering-only scenario, ATP provides cloud-based email protection for your on-premises Exchange Server environment or any other on-premises SMTP email solution.
  • Office 365 ATP can be enabled to protect Exchange Online cloud-hosted mailboxes.
  • In a hybrid deployment, ATP can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes with Exchange Online Protection for inbound email filtering.

Do you want to find out more?

Leave your name and number and we will give you a call.

Advanced Threat Protection (ATP) capabilities

Safe Attachments

ATP Safe Attachments protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.

The ATP Safe Links feature proactively protects your users from malicious URLs in a message or in an Office document. The protection remains every time they select the link, as malicious links are dynamically blocked while good links can be accessed.

Safe Links is available for URLs in the following apps:

  • Office 365 ProPlus on Windows or Mac
  • Office for the web (Word for the web, Excel for the web, PowerPoint for the web, and OneNote for the web)
  • Word, Excel, PowerPoint, and Visio on Windows, as well as Office apps on iOS and Android devices

ATP for SharePoint, OneDrive, and Microsoft Teams

ATP for SharePoint, OneDrive, and Microsoft Teams helps detect and block files that are identified as malicious in team sites and document libraries.

Anti-phishing policies

ATP anti-phishing checks incoming messages for indicators that a message might be a phishing attempt. When users are covered by ATP policies (Safe Attachments, Safe Links, or anti-phishing), incoming messages are evaluated by multiple machine learning models that analyze messages and the appropriate action is taken, based on the configured policies.

Real-time reports

Monitoring capabilities available in the Office 365 Security & Compliance Center include real-time reports and insights that let your security and compliance administrators focus on high-priority issues, such as security attacks or increased suspicious activity. In addition to highlighting problem areas, smart reports and insights include recommendations and links to view and explore data and also take quick actions.

Threat Trackers

Threat Trackers are informative widgets and views that provide authorized users with intelligence on cybersecurity issues that might impact your organization.

Explorer

Explorer (also referred to as Threat Explorer) is a real-time report that lets authorized users identify and analyze recent threats. By default, this report shows data for the past 7 days; however, views can be modified to show data for the past 30 days.

Automated incident response

Automated incident response (AIR) capabilities available in Office 365 ATP Plan 2 enable you to run automated investigation processes in response to well known threats that exist today. By automated certain investigation tasks, your security operations team can operate more efficiently and effectively. Remediation actions, such as deleting malicious email messages, are taken upon approval by your security operations team.

Attack Simulator

Attack Simulator lets authorized users run realistic attack scenarios in your organization. Several different kinds of attacks are available, including a display name spear-phishing attack, a password-spray attack, and a brute-force password attack.

Office 365 Advanced Threat Protection (ATP) availability

ATP is included in Office 365 Enterprise E5, Office 365 Education A5, and Microsoft 365 Business.

You can add ATP to the following Exchange and Office 365 subscription plans:

  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Exchange Online Kiosk
  • Exchange Online Protection
  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1
  • Office 365 Enterprise E3
  • Office 365 Enterprise F3
  • Office 365 A1
  • Office 365 A3

Recent blogs about Security

AUGUST 20, 2019

New Phishing Threat –...

There’s a new and growing type of phishing attack. Infected emails come from a...

Read More

JUNE 25, 2019

Eye Out For Scams

The end of the financial year is one of the peak periods for cyber criminals to target...

Read More

JUNE 12, 2019

The Cost of Cybercrime

With cyber-attacks against Australian business on the rise, it’s no surprise the...

Read More