top of page

Advanced Threat Protection (ATP) for Office 365

Catch threats before they disrupt your organisation, keeping your data, intellectual property and users safe from email phishing attacks and zero-day malware.

Does your workplace use Office 365? Do you have sensitive company data that needs to stay contained within your organisation? Then security should be something on the top of your priorities list. Operating with just the native Office 365 junk filtering capabilities does not provide a comprehensive layer of protection, by implementing Office 365 Advanced Threat Protection you are safeguarding your company’s data.

Microsoft Office 365 Advanced Threat Protection (ATP) is a cloud-based email filtering service that helps protect your organisation against unknown malware and viruses by providing robust zero-day protection and includes features to safeguard your organisation from harmful links in real time. ATP has rich reporting and URL trace capabilities that give administrators insight into the kind of attacks happening in your organisation.

Office 365 ATP can be used however your environment is deployed:

  • In an Office 365 ATP filtering-only scenario, ATP provides cloud-based email protection for your on-premises Exchange Server environment or any other on-premises SMTP email solution.

  • Office 365 ATP can be enabled to protect Exchange Online cloud-hosted mailboxes.

  • In a hybrid deployment, ATP can be configured to protect your messaging environment. It controls mail routing when you have a mix of on-premises and cloud mailboxes with Exchange Online Protection for inbound email filtering.

ATP Safe Attachments

ATP Safe Attachments checks your emails to see if the attachments are malicious. Your global or security administrator can set the appropriate policies. When a user under your ATP policy checks their emails, ATP Safe Attachment will scan them and take the appropriate actions according to the policy settings.

ATP Safe Links

This feature checks the URLs contained within emails and Office documents. Before emails reach the inbox, they go through Office 365 Exchange Online Protection. There, signature-based malware protection, anti-spam and malware and internet protocol (IP) are applied to the emails. Once those are applied, the user can then open the email. If they click on a link, it’s immediately flagged as safe, malicious, or blocked. For malicious or blocked emails, you’ll get a warning page. ATP Safe Links works with Office documents too.

Anti-Phishing Capabilities

Office365 ATP includes Anti-Phishing Capabilities. By utilising machine learning models with impersonation detection algorithms, it uses a sophisticated method to identify phishing.

Whenever emails are received, the machine learning models analyse them to determine if they’re safe and what actions to take if they’re not. These actions are based on the policies your security administrators set.

Mailbox intelligence can be used to aid in detecting phishing attempts. This intelligence takes into consideration your email and communication habits for more accurate detection of phishing emails.

These Anti-Phishing Capabilities can be applied to either individual people in your business or all of your domains.

Spoof Intelligence

A good number of phishing attempts are done through spoofing, especially spear phishing and whaling. This is why it’s vital you have the capabilities to recognise malicious spoofing immediately. Thankfully, if you have Office 365 Advanced Threat Protection, it’s already built in and always on, for both your domains and external ones.

Not only can cyber criminals trick you by spoofing other organisations’ email addresses, but they can spoof yours to fool others as well. ATP’s Spoof Intelligence lets you specify which entities are allowed to spoof your domains and send emails for you so they won’t be blocked.


bottom of page