What is Microsoft Exchange Online Advanced Threat Protection?

exchange online advanced threat protection

Microsoft Advanced Threat Protection is part of Microsoft Exchange Online.  It was developed to help deal with evolving outbreak threats.  Many of these evolving threats now comprise two parts.  The first is the “Zero Hour Attack.”  The second is the “Elongated period of attack.”  Traditional Anti-Virus/Anti-Spam solutions typically struggle to protect against zero-day attacks comprehensively.  Attackers can go completely unnoticed during a zero-day attack.

So, what is Exchange Online Advanced Threat Protection (ATP)?

  1. ATP provides protection against unknown malware/viruses. It performs behavioral analysis with machine learning and provides Admin alerts.
  2. ATP provides Time-of-Click protection. There’s real time protection against malicious URLs.
  3. ATP has rich reporting and tracing. There’s a built-in URL trace, and reports for advanced threats.

What else does ATP do?

Safe Links

  • Protect against sites with malicious content, phishing sites
  • Provides admins visibility into compromised users
  • Rewriting the URLs to proxy them through another server

Safe Attachments

  • Protect against zero-day exploits in email attachments by blocking messages
  • Provides admins visibility into compromised users
  • Leverages sandboxing technology

Exchange Online Advanced Threat Protection is available to all commercial and multi-tenant government customers who license Microsoft products through the Direct, CSP, Open, MPSA and EA channels.  The price is $2 per user per month for commercial customers, and $1.75 per user per month for government customers.

Tim Krueger, PEI

Interested in increasing security for your business? We can help! Contact us to learn how!

Leave a Reply