- Automatically checks all email attachments for malicious content
- Provides time-of-click verification of URLs within email messages and Office files
- Identifies and blocks malicious files in team sites and document libraries, such as SharePoint, OneDrive and Microsoft Teams
- Anti-phishing protection detects attempts to impersonate your users and domains using machine learning and advanced algorithms
- Threat Explorer is a real-time report that allows you to identify and analyse recent threats (E2)
- Attack Simulator allows you to run realistic attack scenarios in your organization to identify vulnerabilities, such as spear-phishing attacks and password-spray attacks (E2)
- Automated Incident Response (AIR) capabilities include a set of security playbooks that can be launched automatically, saving security operations teams time and effort (E2)
- Built into Office 365: Native integration with Office 365 reduces the investments to integrate with existing solutions. Built-in security helps retain user productivity and ensure a rich and smooth user experience.
Microsoft Advanced Threat Protection offers businesses an extra layer of protection against malicious threats and phishing attacks. It’s low cost, easy to deploy and easy to manage as it’s fully integrated with Office 365. The machine learning and impersonation detection systems offer businesses a basic level of protection against phishing attacks. However. In October 2017, researchers announced that Microsoft had missed 34,000 phishing emails, demonstrating that it is not the most effective phishing protection platform.
For this reason, Microsoft ATP should not be used alone to protect businesses from phishing or targeted social engineering attacks. If you are planning to use this solution as an extra layer of security, we also recommend using a dedicated third party security solution in our Post – Delivery Protection category. These solutions will be more effective to stop phishing attempts and business email compromise.