Stay Up To Date With All of the New Features Office 265 has for (ATP) Advanced Threat Protection

Advanced threat protection (ATP) refers to a category of security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data. Advanced threat protection solutions can be available as software or as managed services. ATPbt365注册真人平台在方法和成分上可能有所不同, 但大多数都包括一些端点代理的组合, network devices, email gateways, malware protection systems, 以及用于关联警报和管理防御的集中管理控制台.

Advanced Threat Protection (ATP) 是任何现代和全面的网络安全基础设施的关键组成部分吗. The cyber threat landscape and attack surface areas are increasing in size for businesses around the world. Cybercriminals are using existing and new techniques to probe and penetrate the networks, systems, 并应用于各种规模的组织. 随时了解新出现的威胁和攻击载体是一项全职工作. 许多组织无法提供所需的资源来保持这一领域的最新进展, or they may find that the demand for skilled cybersecurity professionals makes it hard to recruit the necessary IT staff. Staying fully up to date on all emerging threats also means that experienced IT security professionals have significantly less time to spend on other projects that drive the organization forward.

我们正在继续为office365 ATP添加新功能. 了解更多关于ATP(或微软365)的新特性, see the following resources:

Office 365 ATP (Advanced Threat Protection)要求

ATP可以用于任何SMTP邮件传输代理,如Microsoft Exchange Server. 查看操作系统的相关信息, web browsers, and languages that are supported by ATP, 参见“支持的浏览器”和“支持的语言”部分 Exchange在线保护中的Exchange管理中心.

功能可用性跨高级威胁防护(ATP)计划

Each feature is listed below. When Exchange Online is mentioned, it typically refers to the Office 365 Enterprise service family.

功能可用性跨越先进的威胁保护(atp)计划
Feature ATP Plan 1
(formerly ATP standalone)
ATP Plan 2
(formerly Threat Intelligence
standalone)
Office 365 Enterprise E5
Configuration, protection, and detection      
Safe Attachments Yes Yes Yes
Safe Attachments in Teams Yes Yes Yes
Safe Links Yes Yes Yes
Safe Links in Teams Yes Yes Yes
ATP为SharePoint, OneDrive和微软团队 Yes Yes Yes
Anti-phishing policies Yes Yes Yes
Real-time reports Yes Yes Yes
自动化、调查、补救和教育      
Threat Trackers No Yes Yes
威胁调查(高级威胁调查) Real-time detections Explorer Explorer
Automated incident response No Yes Yes
Attack Simulator No Yes Yes

 Tip

希望下载office365 ATP计划1和计划2之间的区别列表? Get the PDF.

ATP screenshot
高级威胁防护(ATP)截图

先进的威胁防护(ATP)能力

Safe Attachments

ATP Safe Attachments 保护免受未知的恶意软件和病毒, 并提供零日保护,以保护您的消息系统. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.

 Note

ATP Safe Attachments scanning takes place in the same region where your Office 365 data resides. 有关数据中心地理位置的更多信息,请参见 Where is your data located?

Safe Links

The ATP Safe Links feature proactively protects your users from malicious URLs in a message or in an Office document. 每次他们选择链接时,保护都会继续, 因为恶意链接被动态拦截,而好的链接可以被访问.

安全链接适用于以下应用程序中的url:

  • 微软365企业应用程序在Windows或Mac
  • Office for the web (Word for the web, Excel for the web, PowerPoint for the web, and OneNote for the web)
  • Word, Excel, PowerPoint, and Visio on Windows, as well as Office apps on iOS and Android devices
  • Microsoft Teams channels and chats
  • How to Enable Advanced Threat Protection

 Note

Users must be licensed for ATP*, 必须包括在ATP安全链接政策, 并且必须在他们的设备上注册,以确保保护到位.

* 组织范围内的ATP许可证(例如, ATP_ENTERPRISE_FACULTY), 你不需要分配ATP许可证给个人用户.

有关ATP安全链接保护的更多信息,请参阅 如何ATP安全链接与办公文档中的url工作.

ATP为SharePoint, OneDrive,和微软团队

ATP为SharePoint, OneDrive,和微软团队 helps detect and block files that are identified as malicious in team sites and document libraries. In addition, ATP Safe Links protection is now available in Microsoft Teams channels and chats.

Anti-phishing policies

ATP anti-phishing 检查传入消息,以确定消息可能是钓鱼企图的指示器. 当用户被ATP政策覆盖时(安全附件, Safe Links, or anti-phishing), incoming messages are evaluated by multiple machine learning models that analyze messages and the appropriate action is taken, based on the configured policies.

Real-time reports

安全性中可用的监视功能 & Compliance Center include real-time reports and insights 使您的安全性和法规遵循管理员能够将重点放在高优先级的问题上, 比如安全攻击或可疑活动增加. In addition to highlighting problem areas, smart reports and insights include recommendations and links to view and explore data and also take quick actions.

Explorer

Explorer (also referred to as Threat Explorer) is a real-time report that lets authorized users identify and analyze recent threats. By default, this report shows data for the past 7 days; however, 视图可以修改为显示过去30天的数据.

Explorer contains views, such as Malware (for email and content), Submissions, Phish, and All Email. 为了了解Explorer与实时检测的比较, download this PDF.

For more information about Explorer (in Office 365 Advanced Threat Protection Plan 2) and real-time detections (in Office 365 Advanced Threat Protection Plan 1), see Threat Explorer and real-time detections.

Real-time detections

Real-time detections is a real-time report that lets authorized users identify and analyze recent threats. 与Explorer类似,默认情况下,该报告显示过去7天的数据.

Real-time detections contain views, such as Malware (for email and content), Submissions, and Phish. 为了了解实时检测与浏览器的比较, download this PDF.

For more information about Explorer (in Office 365 Advanced Threat Protection Plan 2) and real-time detections (in Office 365 Advanced Threat Protection Plan 1), see Threat Explorer (and real-time detections).

Threat Trackers

Threat Trackers are informative widgets and views that provide authorized users with intelligence on cybersecurity issues that might impact your organization.

Automated Incident Response

Automated incident response (AIR) capabilities available in Office 365 ATP Plan 2 enable you to run automated investigation processes in response to well known threats that exist today. By automated certain investigation tasks, 您的安全操作团队可以更高效地操作. Remediation actions, such as deleting malicious email messages, 是否经过你们的安全行动小组的批准. To learn more, see How AIR works in Office 365.

Attack Simulator

Attack Simulator 让授权用户在您的组织中运行真实的攻击场景. 有几种不同类型的攻击, 包括显示名称鱼叉式网络钓鱼攻击, a password-spray attack, and a brute-force password attack.

Areas Covered

We provide a range of Computer Support, Managed Network Services and IT Consulting in Dallas, Garland, Plano, Richardson, Addison, Irving, Arlington, Fort Worth, Rockwall, Mesquite, Grand Praire and Carrollton.

Local experts who can visit on-site: Dallas Computer Support, Garland Managed Network Services, Plano Backup and Data Recovery, Richardson IT Consulting, Addison Cloud Computing, Irving Hosted Email, Dallas Computer Hardware, and Garland Hosted Software. We provide IT Outsourcing for companies in the following areas, IT Outsourcing Dallas, IT Outsourcing Plano, and IT Outsourcing Richardson.

We offer Managed Network Services to the following areas: Managed Network Services Dallas, Managed Network Services Plano, Managed Network Services Richardson, Managed Network Services Addison, Managed Network Services Carrollton, Managed Network Services Frisco, Managed Network Services Irving, Managed Network Services Fort Worth. Local Companies Want Our Managed Network Services Dallas, Managed Network Services Plano, Managed Network Services Addison, Managed Network Services Irving.

We also provide IT Support in  IT Support Dallas, IT Support Plano, IT Support Garland, IT Support Addison, IT Support Irving, IT Support Richardson, IT Support Garland, IT Support Mesquite, IT Support Fort Worth, IT Support Arlington.

We also provide Network Support Dallas, Network Support Plano, Network Support Garland, Network Support Addison, Network Support Irving, Network Support Richardson, Network Support Garland, Network Support Mesquite, Network Support Fort Worth, Network Support Arlington.