TrnDigital Blog

Your Guide to Office 365 Advanced Threat Protection

Posted by Rajiv Dattani on 11/1/22 11:57 AM

Blog Image 1st Nov 2022
Office 365 advanced threat protection (ATP) is the latest and greatest addition to the Office 365 cloud. 
As a robust cloud-based email and file filtering service, ATP helps protect your cloud infrastructure from a range of advanced threats such as malware, threatening viruses, and phishing attacks.
This blog aims to answer all your questions on advanced threat protection, how it works, and also how it can help you protect your organization from advanced threats.

What Is Advanced Threat Protection?

Microsoft Office 365 Advanced Threat Protection (now called Microsoft Defender for Office 365) is a comprehensive security product. It is designed to safeguard your organization's emails, files, and other similar Office 365 applications from advanced cybersecurity threats.

ATP is primarily a powerful email filtering service that works towards helping to protect your organization against harmful and unknown malware attacks.

One of the key highlights of ATP is its robust reporting and URL tracing capabilities that offer system administrators in your organization better insights into the kind of malicious email or other similar attacks happening in your organization.

The Working Of Office 365 Advanced Threat Protection  

Microsoft's Office 365 Advanced Threat Protection works by relying on various policies that your organization's system administrators need to configure. 

Once done, ATP ensures to filter data, malicious intent/behavior, and other similar parameters at either organization, user, domain, or recipient level.

The functioning of ATP can be summarised below:

Office 365 Advanced Threat Protection can work either in conjunction with Exchange Online Protection (EOP) or Office 365 Threat Intelligence.
The system administrators need to then offload both your mail servers and protection systems on the mail servers using ATP

This includes your on-premise servers as well.

Advanced Threat Protection Features 

Office 365 ATP offers several features which make it a perfect option to better your security infrastructure. Among these are-

Safe Attachments

Safe Attachments in advanced threat protection help protect you against unknown malware and viruses and offers complete protection to safeguard your messaging system fully.


Safe attachments route your safe emails and attachments (without malware) to a safe environment.
The ATP here uses a range of different machine learning and other coming-age techniques to detect harmful or malicious intent by cybercriminals.
In the absence of any suspicious activity, the message is delivered to the recipient's mailbox.
Safe Links

The safe links feature in advanced threat protection of office 365 is designed to proactively protect your users from malicious URLs (website addresses) in a message or an Office document.


The highlight of safe links is that the protection remains every time users select the link, as any unsafe or malicious link is dynamically blocked while good links can be accessed.
Safe Links of ATP is available for URLs in office 365 ProPlus on Windows or Mac, Word, PowerPoint, Excel, and Office for the web.

Spoof intelligence

Spoofing is a technique where, when a sender spoofs an email address, they appear to be from a user within your organization or an impersonated external user. It is an in-built feature of O365 Advanced Threat Protection.


You can set Spoof filters to be able to differentiate between legitimate and harmful/malicious activity by cybercriminals. 
The feature also allows you to review the senders who are spoofing your domain and give you the option of either allowing or blocking them completely.
Anti-Phishing Policies 

The anti-phishing policy feature of ATP is based on machine learning models and other impersonation detection algorithms. 


As soon as you activate the Office 365 anti-phishing policies, the ML models and algorithms appraise the incoming email to decide whether it is safe or harmful.
In case the incoming email is malicious, appropriate action will be taken depending on your ATP configuration. 

Office 365 ATP for OneDrive, SharePoint, and Microsoft Teams

Office 365 ATP for SharePoint, OneDrive, and Microsoft Teams is designed to cater to the security needs of teams when collaborating in an organizational setup.


This ATP feature helps find & block all potentially malicious files.
It also prevents the entrance of all such files into your document libraries or team sites. 

Microsoft 365 Defender 

Microsoft 365 Defender is an all-in-one comprehensive platform, including several Microsoft security solutions. Among the products that it includes:

Microsoft Defender for Endpoint—It enables threat prevention, automated threat investigation, and breach detection.
Microsoft Defender for Identity—It helps to identify and investigate any compromised identities and malicious intruders.
Microsoft Defender for Office 365—It protects against threats in emails, collaboration tools, and malicious links.
Microsoft Defender for Cloud Apps—It offers robust security for SaaS and other loud applications, offering higher data controls, better visibility, and advanced threat protection.

Microsoft 365 Licensing

When it comes to licensing, Advanced Threat Protection is available for key subscription plans. You can also buy it separately.

Although ATP is mainly included in the subscription plans Microsoft 365 A5 and Microsoft 365 Business Premium, you can buy the Office 365 ATP license along with below subscription plans as well:

Microsoft Exchange Online Plan 1
Microsoft 365 Business Basic Plan
Microsoft 365 Business Standard 
Exchange Online Kiosk Plan
Microsoft 365 Enterprise E1
Microsoft 365 A1
Microsoft 365 A3
Microsoft 365 Enterprise E3
Microsoft 365 Enterprise F3

Also, if Office 365 Advanced Threat Protection is not part of your subscription plan, you can always buy one of the standalone ATP subscription plans (as below) using a per-user payment or licensing model:

Office 365 Advanced Threat Protection Plan 1
Office 365 Advanced Threat Protection Plan 2
How To Configure Office 365 Advanced Threat Protection 

Here are the steps you need to follow: 

Go to the Microsoft 365 admin center using the link 
Access Security in the Admin Center located in the left pane of the window.
Click Threat manager, followed by Dashboard. The security dashboard or threat dashboard shows the threat protection status and also the links to configuration pages.
Now you have to Click Policy in the navigation pane to be able to configure anti-phishing, anti-malware, or anti-spam policies, as required. 

Begin Using Office 365 Advanced Threat Protection Configuration with TRNDigital 

Office 365 Advanced Threat Protection is one of the best solutions to consider if your business is also looking for consistent protection from new-age email attacks. 

Using the varied security features of ATP, you can not only stop the instances of phishing or malicious email attachments threatening your systems but can also ensure to reduce the instances of spoofing attacks by clearly distinguishing between legitimate/legal and malicious/harmful activities. 

TrnDigital is a well-known cloud security provider to help you get started with all your Office 365 advanced threat protection needs.

Partnering with us will help you address a range of email security needs, such as all-time protection against sophisticated email attacks, protection from unsafe attachments, along with the ability to block harmful links. 

Get in touch with us today and start exploring your options.

Topics: Microsoft Security

Subscribe Here!

Recent Posts