Microsoft 365 Atp

Microsoft Office 365 Advanced Threat Protection; Office 365 Advanced Threat Protection Reviews. Reviewer Role: Infrastructure and OperationsCompany Size: 50M. For companies that use Office 365. This solution is very helpful with protecting end-users from malicious actors.


Applies to:

  1. When you use Server-Side Synchronization with Dynamics 365 and Office 365 Advanced Thread Protection(ATP) is enabled, attachments may be missing from the email created in Dynamics 365. You may see an attachment included named “ATP Scan in Progress.eml”, but the original attachment is not added to Dynamics 365.
  2. Office 365 Advanced Threat Protection (ATP) can work integrated with Exchange Online Protection and Office 365 Threat Intelligence. Using ATP in the cloud can offload your mail servers and protections systems on the mail servers including on-premises servers. It is not recommended that you turn off Office 365 Advanced Threat Protection.

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

For more info about Windows 10 Enterprise Edition features and functionality, see Windows 10 Enterprise edition.

Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

Defender for Endpoint uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service:

  • Endpoint behavioral sensors: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.

  • Cloud security analytics: Leveraging big-data, device-learning, andunique Microsoft optics across the Windows ecosystem,enterprise cloud products (such as Office 365), and online assets, behavioral signalsare translated into insights, detections, and recommended responsesto advanced threats.

  • Threat intelligence: Generated by Microsoft hunters, security teams,and augmented by threat intelligence provided by partners, threatintelligence enables Defender for Endpoint to identify attackertools, techniques, and procedures, and generate alerts when theyare observed in collected sensor data.

Microsoft Defender for Endpoint

Threat & Vulnerability Management

Attack surface reduction

Next-generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
Centralized configuration and administration, APIs
Microsoft 365 Defender


  • Learn about the latest enhancements in Defender for Endpoint: What's new in Microsoft Defender for Endpoint.
  • Microsoft Defender for Endpoint demonstrated industry-leading optics and detection capabilities in the recent MITRE evaluation. Read: Insights from the MITRE ATT&CK-based evaluation.

Threat & Vulnerability Management
This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.

Attack surface reduction
The attack surface reduction set of capabilities provides the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, the capabilities resist attacks and exploitation. This set of capabilities also includes network protection and web protection, which regulate access to malicious IP addresses, domains, and URLs.

Next-generation protection
To further reinforce the security perimeter of your network, Microsoft Defender for Endpoint uses next-generation protection designed to catch all types of emerging threats.

Endpoint detection and response
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. Advanced hunting provides a query-based threat-hunting tool that lets you proactively find breaches and create custom detections.

Automated investigation and remediation
In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender for Endpoint offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.

Microsoft Secure Score for Devices

Defender for Endpoint includes Microsoft Secure Score for Devices to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization.

Microsoft Threat Experts
Microsoft Defender for Endpoint's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.


Fox planer thicknesser manual transmission. Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.

If you are not enrolled yet and would like to experience its benefits, go to Settings >General >Advanced features >Microsoft Threat Experts to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a 90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.

Centralized configuration and administration, APIs
Integrate Microsoft Defender for Endpoint into your existing workflows.

Integration with Microsoft solutions
Defender for Endpoint directly integrates with various Microsoft solutions, including:

  • Azure Defender
  • Azure Sentinel
  • Intune
  • Microsoft Cloud App Security
  • Microsoft Defender for Identity
  • Microsoft Defender for Office
  • Skype for Business

Microsoft 365 Defender
With Microsoft 365 Defender, Defender for Endpoint and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate, and automatically respond to sophisticated attacks.

Related topic

A few years ago Microsoft emerged as the leader in protecting businesses from threats.

For people who have been keeping an eye on it, they would be well aware of the fact that Office 365 had some capabilities that cover small business to large organisations and it has the ability to shift businesses infrastructure and services to the cloud.

In the year 2015, Microsoft introduced the “Advanced Threat Protection (ATP for short)” functionality as a way to protect against advanced attacks.

Leading into this date and since this time, Microsoft is starting to put greater emphasis on security in various areas.

In the Microsoft’s ecosystem, the Advanced Threat Protection ATP, Advanced Threat Analytics ATA and many other products now make up the security base for detection and prevention for your business.

But what is Advanced Threat Protection ATP?

Microsoft 365 Atp

Let us answer this for you now.

ATP makes use of machine learning and an advanced cleansing service to create a layer of protection against viruses for you and your business.

This functionality is in-charge of providing better zero-day protection for emails and much more.

The advanced threat protection solution and services offers the three functions and components listed as below.

  • Data Awareness must exist. It’s not possible to determine a threat without the knowledge of enterprise data, value and sensitivity levels for the formulation of the right response against any data malware activity.
  • Real-Time Visibility is a main component too as there has to be continuous monitoring. Failing this, the threat will get detected late. The absence of visibility can cause damage to the resources as well as your business reputation.
  • Context Gaining is one of the main features of ATP, it allows the security team to analyse the malware and decide the response swiftly and accordingly to give you the best possible outcome.

If you carry on reading below we list for you the capabilities of Microsoft Office 365 Advanced Threat Protection.

It is Microsoft’s cloud-based service which scans and filters emails for the protection of subscribers from malware in hyperlinks and attachments.

All the reports and data coming through currently lets us know that the biggest risk to a data breach in a business comes from human error, this means you and your employees have to be aware and alert 24/7 to protect the business against threats and scams.

Why businesses need Advanced Threat Protection ATP?

Because it functions in a unique and brilliant way.

It’s a cloud security service and does not require additional hardware or software tools to run it.

ATP by Microsoft attempts the reduction of zero-day threats arriving with malicious attachment and URLs and more.

It assesses the email content even before the recipient opens it.

The ATP also scans attachments and hyperlinks in different ways with the application of separate and independent policies for users, groups or domains.

So you and IT solution provider (Greendata) have control over the policies that can be set in place throughout your businesses documents.

For someone who already uses tools to combat security, Advanced Threat Protection ATP will assist in the email messaging environment even more by adding more effective protection against attacks by unsafe attachments and links.

Here are some of the major features of Microsoft 365 Advanced Threat Protection ATP for you.

Safe Attachment Review Files

The functionality of “Safe Attachment” in ATP analyses all attachments. In the first place, ATP isolates the attachment in the detonation chamber for preventing the malicious attack. It then assesses the suspicious behavior of the content with its machine learned techniques. Advanced Threat Protection works perfectly by not opening the attachment till the scanning completes and this is all done in real time.

Safe Links Scans URLs

This feature of ATP helps in scanning the content from the hyperlinks mentioned in the email and documents and uses it to reduce website-based attacks. Scan link feature’s absolute functionality, if it determines that any hyperlink leads to an unsafe site, it sends the user to the warning page immediately.


When Office 365 reports the messages as spam, bulk mail or mail containing malware, it is directly sent into quarantine. It’s the default setting that sends phishing messages to quarantine and only those in your business who are authorised can manage the settings of emails sent to quarantine.

Spoof Intelligence


The feature of Spoof Intelligence works for the detection of a sender for sending mails on behalf of one or more accounts. It shows all the senders who are using your domain and allows the user to enable entry or completely block the sender.

Capabilities of Advanced Anti-Phishing

Advanced Threat Protection makes use of some of the best in business machine learning models to detect suspicious emails and also to help thwart malware attacks.

Assists with Training

It works exceptionally well when you receive unusual and malicious email. This functionality of Office 365 generates detailed reports based on the suspicious or malicious content as an alert for your IT administrators. This information then can be used to continually improve and the knowledge can also be passed onto you and your staff.

How long does this take, we haven’t got all day!

Do you think that the scanning process takes many hours to scan every time?

Well, no it doesn’t and here at Greendata we value our customers time too.
The time taken to scan depends only on the attachment and the content, so basically it is size dependant.

It does not cause much delay at all and instead uses a feature known as “Dynamic Delivery” allowing recipients to at least read and respond to very urgent emails.

It also uses the placeholder in the place of attachment to indicate that it is undergoing the process of scanning if needed.

And, if ATP finds that file is not safe, it merely removes the attachment.
If it determines that the file is not a danger, the attachment is simply returned to the email.

Simple and safe.

Advanced Threat Protection brings no noticeable delay in delivering a non-malicious email and for any malicious email activity, it stops entering the attachment or any content and so mitigates the risk.

Do you need to worry about ATP and do you need ATP?

Deciding on the right Advanced Threat Protection ATP solution should depend on the needs, environment, objective and risk profile of the business.

In saying this, whether you’re a one-man band, a small business, medium business or a large corporation the risk is there.

This risk is real and one breach can cost you time and money.

At Greendata we try to understand your needs and challenges before trying to find the optimal tools for your business to use that help with productivity and growth.

Most of our assesments (this includes cybersecurity assesments) result in a simplyfying of the IT structure and this can lead to lower monthly operating costs for you long term while increasing productivity too.

So you could end up with a more secure system protecting your data, more time in your day and save money.

Atp Plan 1

If you want or think you may need an assessment on your current technology setup, you only have to give us a call on 07 5526 0278

Here is the list of the possible benefits for you and your company, when you choose to call to us today to book an appointment.

  • Security
  • Saving time
  • Maximise money saving

If you don’t feel the need to make your business more secure, save your precious time or maximise your money saving you can move on and read a few more pages in our “Learn” section as it has many different pages covering the benefits of Office 365 and more.

Microsoft 365 Atp Vs Mimecast

But if you do you feel the time is right, you can contact us through our “Lets Connect” page or as we have said above, pick up the phone, give us a call 07 5526 0278 and book an appointment.

Microsoft 365 Atp Safe Links

Talk to you soon!