Key Features
Microsoft Defender for 365 (formerly called Office 365 Advanced Threat Protection, or Office 365 ATP) is part of Microsoft's suite of security products designed to protect your organization from cybersecurity threats specifically targeting Microsoft 365 services. It provides threat detection, protection, investigation, and response capabilities for email and collaboration tools in Microsoft 365.
Key Features of Microsoft Defender for 365:
Threat Protection:
Anti-Phishing: Helps protect against phishing attempts by analyzing emails and detecting suspicious behavior.
Anti-Spam: Blocks spam and unwanted messages using advanced algorithms.
Anti-Malware: Protects against malware in emails and files stored in SharePoint, OneDrive, and Microsoft Teams.
Safe Attachments: Scans email attachments for malicious content before delivering them to users.
Safe Links: Protects users from malicious URLs by scanning and rewriting links in real-time.
Threat Investigation & Response:
Attack Simulation Training: A feature that allows security teams to simulate real-world attacks (like phishing) to test how users would respond.
Automated Investigation & Response (AIR): Automates the investigation and remediation of detected threats, reducing the burden on security teams.
Threat Explorer: A tool that provides insights into the types of threats targeting your organization, including email threats, malware, and phishing attempts.
Collaboration Protection:
Protects SharePoint Online, OneDrive for Business, and Microsoft Teams from malicious files and data exfiltration attempts.
Incident & Alerts Management:
Provides security alerts with actionable insights and the ability to manage incidents from a single console.
Integration with Other Defender Products:
Defender for 365 integrates well with other Microsoft Defender services, like Microsoft Defender for Endpoint and Microsoft Defender for Identity, providing unified protection across the entire Microsoft ecosystem.
Last updated