Stay Up To Date With All of the New Features Office 265 has for (ATP) Advanced Threat Protection
Advanced threat protection (ATP) refers to a category of security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data. Advanced threat protection solutions can be available as software or as managed services. ATPbt365注册真人平台在方法和成分上可能有所不同, 但大多数都包括一些端点代理的组合, network devices, email gateways, malware protection systems, 以及用于关联警报和管理防御的集中管理控制台.
Advanced Threat Protection (ATP) 是任何现代和全面的网络安全基础设施的关键组成部分吗. The cyber threat landscape and attack surface areas are increasing in size for businesses around the world. Cybercriminals are using existing and new techniques to probe and penetrate the networks, systems, 并应用于各种规模的组织. 随时了解新出现的威胁和攻击载体是一项全职工作. 许多组织无法提供所需的资源来保持这一领域的最新进展, or they may find that the demand for skilled cybersecurity professionals makes it hard to recruit the necessary IT staff. Staying fully up to date on all emerging threats also means that experienced IT security professionals have significantly less time to spend on other projects that drive the organization forward.
我们正在继续为office365 ATP添加新功能. 了解更多关于ATP(或微软365)的新特性, see the following resources:
Office 365 ATP (Advanced Threat Protection)要求
ATP可以用于任何SMTP邮件传输代理，如Microsoft Exchange Server. 查看操作系统的相关信息, web browsers, and languages that are supported by ATP, 参见“支持的浏览器”和“支持的语言”部分 Exchange在线保护中的Exchange管理中心.
Each feature is listed below. When Exchange Online is mentioned, it typically refers to the Office 365 Enterprise service family.
|Feature||ATP Plan 1
(formerly ATP standalone)
|ATP Plan 2
(formerly Threat Intelligence
|Office 365 Enterprise E5|
|Configuration, protection, and detection|
|Safe Attachments in Teams||Yes||Yes||Yes|
|Safe Links in Teams||Yes||Yes||Yes|
|Automated incident response||No||Yes||Yes|
希望下载office365 ATP计划1和计划2之间的区别列表? Get the PDF.
ATP Safe Attachments 保护免受未知的恶意软件和病毒, 并提供零日保护，以保护您的消息系统. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.
ATP Safe Attachments scanning takes place in the same region where your Office 365 data resides. 有关数据中心地理位置的更多信息，请参见 Where is your data located?
The ATP Safe Links feature proactively protects your users from malicious URLs in a message or in an Office document. 每次他们选择链接时，保护都会继续, 因为恶意链接被动态拦截，而好的链接可以被访问.
- Office for the web (Word for the web, Excel for the web, PowerPoint for the web, and OneNote for the web)
- Word, Excel, PowerPoint, and Visio on Windows, as well as Office apps on iOS and Android devices
- Microsoft Teams channels and chats
- How to Enable Advanced Threat Protection
Users must be licensed for ATP*, 必须包括在ATP安全链接政策, 并且必须在他们的设备上注册，以确保保护到位.
* 组织范围内的ATP许可证(例如, ATP_ENTERPRISE_FACULTY), 你不需要分配ATP许可证给个人用户.
ATP为SharePoint, OneDrive，和微软团队 helps detect and block files that are identified as malicious in team sites and document libraries. In addition, ATP Safe Links protection is now available in Microsoft Teams channels and chats.
ATP anti-phishing 检查传入消息，以确定消息可能是钓鱼企图的指示器. 当用户被ATP政策覆盖时(安全附件, Safe Links, or anti-phishing), incoming messages are evaluated by multiple machine learning models that analyze messages and the appropriate action is taken, based on the configured policies.
安全性中可用的监视功能 & Compliance Center include real-time reports and insights 使您的安全性和法规遵循管理员能够将重点放在高优先级的问题上, 比如安全攻击或可疑活动增加. In addition to highlighting problem areas, smart reports and insights include recommendations and links to view and explore data and also take quick actions.
Explorer (also referred to as Threat Explorer) is a real-time report that lets authorized users identify and analyze recent threats. By default, this report shows data for the past 7 days; however, 视图可以修改为显示过去30天的数据.
Explorer contains views, such as Malware (for email and content), Submissions, Phish, and All Email. 为了了解Explorer与实时检测的比较， download this PDF.
For more information about Explorer (in Office 365 Advanced Threat Protection Plan 2) and real-time detections (in Office 365 Advanced Threat Protection Plan 1), see Threat Explorer and real-time detections.
Real-time detections is a real-time report that lets authorized users identify and analyze recent threats. 与Explorer类似，默认情况下，该报告显示过去7天的数据.
Real-time detections contain views, such as Malware (for email and content), Submissions, and Phish. 为了了解实时检测与浏览器的比较， download this PDF.
For more information about Explorer (in Office 365 Advanced Threat Protection Plan 2) and real-time detections (in Office 365 Advanced Threat Protection Plan 1), see Threat Explorer (and real-time detections).
Threat Trackers are informative widgets and views that provide authorized users with intelligence on cybersecurity issues that might impact your organization.
Automated Incident Response
Automated incident response (AIR) capabilities available in Office 365 ATP Plan 2 enable you to run automated investigation processes in response to well known threats that exist today. By automated certain investigation tasks, 您的安全操作团队可以更高效地操作. Remediation actions, such as deleting malicious email messages, 是否经过你们的安全行动小组的批准. To learn more, see How AIR works in Office 365.
Attack Simulator 让授权用户在您的组织中运行真实的攻击场景. 有几种不同类型的攻击, 包括显示名称鱼叉式网络钓鱼攻击, a password-spray attack, and a brute-force password attack.