Office 365 Advanced Threat Protection
Productivity built on security
David J. Rosenthal, VP & GM, Digital Business
Microsoft MTC – NYC May 2, 2018
1 billion
Windows devices updated
450 billion
Microsoft Azure user
authentications
400 billion
Office emails analyzed
Integration across our platforms and services
Cloud App
Security
Office 365 Advanced Threat Protection addresses our customers’ challenges
Protect business critical data
Detect compromised users
Gain visibility to respond to threats
Protect your data
Protect business critical data
Most security experts agree that email remains the #1 attack vector
emails analyzed every month in Office 365
of all email traffic is spam (Mar ‘17) 2
increase in ransomware-infected emails (2016-2017) 1
Protect your data
• Advanced Threat Protection Safe Attachments: detonating malicious attachments
Detonation
Attachment sent to sandbox
Protect your data
• Our features and enhancements limit the impact to user productivity: Dynamic Delivery
Dynamic delivery: Reducing the impact from sandboxing latency
Continuously lowering latency times
Email with attachment
Email body goes through basic email security
Sandboxing
Malicious attachment
Safe attachment
Protect your data
• Our features and enhancements limit the impact to user productivity: Document Preview
Protect your data
• Advanced Threat Protection Safe Links: Time of click protection for malicious links
Rewriting URLs to redirect to a web server.
User clicking URL is taken to EOP web servers for the latest check at the “time-of-click”
Web servers perform latest URL reputation check
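To make the time-of-click flow on this slide concrete, the following Python model is an added example; it is not from the original deck and is not Microsoft's implementation. The gateway host `linkcheck.example.invalid`, all function names and the sample message are assumptions constructed for illustration.

```python
"""Toy model of time-of-click link protection (constructed example)."""
import re
from urllib.parse import quote, urlsplit, parse_qs

# Hypothetical checking server; stands in for the web server links are rewritten to.
GATEWAY = "https://linkcheck.example.invalid/check"
URL_RE = re.compile(r"https?://[^\s<>\"')]+")
TRAILING = ".,;:!?"

# Constructed sample message body.
SAMPLE_BODY = "Invoice ready: http://files.vendor-portal.example/inv?id=7&x=1. Thanks"


def split_trailing(url):
    """Separate sentence punctuation that the regex swallowed from the URL."""
    core = url.rstrip(TRAILING)
    return core, url[len(core):]


def rewrite_body(body):
    """Delivery time: wrap each URL so a click reaches the gateway first."""
    def wrap(match):
        core, trail = split_trailing(match.group(0))
        if core.startswith(GATEWAY + "?url="):
            return core + trail  # already wrapped, do not wrap twice
        return f"{GATEWAY}?url={quote(core, safe='')}{trail}"
    return URL_RE.sub(wrap, body)


def extract_links(text):
    """Return the URLs in text without trailing punctuation."""
    return [split_trailing(u)[0] for u in URL_RE.findall(text)]


def unwrap(wrapped):
    """Recover the original target; reject anything that is not a clean wrap."""
    parts = urlsplit(wrapped)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != GATEWAY:
        raise ValueError("not a gateway link")
    values = parse_qs(parts.query).get("url", [])
    if len(values) != 1:
        raise ValueError("missing or ambiguous url parameter")
    if urlsplit(values[0]).scheme not in ("http", "https"):
        raise ValueError("unsupported scheme")
    return values[0]


def matches(host, entries):
    """True if host or any parent domain of host is listed in entries."""
    labels = host.lower().split(".")
    return any(".".join(labels[i:]) in entries for i in range(len(labels)))


def on_click(wrapped, reputation, tenant_block=frozenset()):
    """Click time: verdict uses the reputation data as it is *now*."""
    try:
        target = unwrap(wrapped)
    except ValueError:
        return ("block", "invalid-link")
    host = urlsplit(target).hostname or ""
    if matches(host, tenant_block):
        return ("block", "tenant-block-list")
    if matches(host, reputation):
        return ("block", "reputation")
    return ("allow", "clean")


def demo():
    """Same delivered link, clicked before and after the host is flagged."""
    delivered = rewrite_body(SAMPLE_BODY)
    link = extract_links(delivered)[0]
    reputation = set()                       # nothing known at delivery
    before = on_click(link, reputation)
    reputation.add("vendor-portal.example")  # flagged after delivery
    after = on_click(link, reputation)
    return {"delivered": delivered, "before": before, "after": after}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

Because the verdict is computed on each click rather than once at delivery, a link that was clean when the message arrived is still blocked after its host is added to the reputation data.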
Office 365 Phish Protection Stack (Enhanced)
Mail Flow Protection
Post Delivery Protection
ATP Safe link Time of click
Protection
ATP ZAP
Sender Authentication
Checks
Implicit Intra Org Domain
Spoof Detection
Soon: ATP Implicit External
Domain Spoof Detection
Soon: ATP User mailbox
Intelligence
Soon: ATP User
Impersonation Detection
Soon: ATP Domain
Impersonation Detection
AV Engine Scan
URL Reputation Scan
New: ATP Attachment
Detonation for phishing
ATP Heuristic Clustering
Phish Content Analysis
Heuristics/Rules
ATP Machine Learning
Models
Multi factor Authentication
for Office 365
New: Safe link for Internal Mail
New: ATP block of attachments with bad URLs
New: Windows 10 based Rep Scan
Enhanced: Safe link for Office Clients
Enhanced: Client Tips for
Suspicious Mails
Tenant Block URL for Safe links
New: Explore malicious
submissions in Threat Explorer
Monitor for risky user/App
activity
Enhanced: Threat Explorer
New: Rich Reports & Insights
Detect & Respond
Protect leveraging Machine Learning Models identifying phish lures
Analyses
Millions of
samples
ML Model
Model generation
Good - Inbox
Bad - Phish action
Applying what we learned
Learning from the good and bad
Base protection
• Implicit Spoof Protection; DMARC; SPF
• Content based protection
• URL verification against known
phishing lists
• Safety Tips for mails detected as phish
• Inline Reporting
• Machine Learning Models
• Time of Click Protection (Safe links)
• Detonation of Content
• Users contact graph
Domain Spoof
• DMARC, DKIM
• SPF
• Intra Org spoof
• Cross domain
spoof
Compromised
• Compromised
account
Impersonation
• Look alike
domains
• Display name
tricks
Content
• Attachments
• URLs
• Text
Protect with Office 365 ATP enhanced Anti-phish Capabilities
Protect: Admins can create enhanced Anti-impersonation settings
Protect with Mailbox Intelligence
Protect: Admins can apply internal safe links for intra-org emails
Protect: Admins can apply sophisticated anti-spoof settings
Protect users by enabling message reporting of potential phish
enable
Protect your data
• Advanced threat protection: URL detonation
Detonation
Email with link
Link added to reputation server
Protect your data
• Threat protection extends to your entire Office 365 ecosystem
Email is only one attack vector
Threat protection has
extended coverage
Microsoft enables security for
multiple office workloads
Office 365
Protect your data
• Advanced threat protection for your collaboration workloads
Sandboxing
and detonation
• anonymous links
• companywide sharing
• explicit sharing
• guest user activity
collaboration signals
• malware in email + SPO
• Windows Defender
• Windows Defender ATP
• suspicious logins
• risky IP addresses
• irregular file activity
threat feeds
• users
• IPs
• On-demand patterns
(e.g. WannaCry)
activity watch lists
Leverage Signals
Apply Smart Heuristics
Files in SPO, ODB
and Teams
1st and 3rd
party reputation
Multiple AV
engines
SharePoint OneDrive Microsoft Teams
Protect your data
• Advanced security for your desktop clients
Improve your security against advanced
threats, unknown malware, and zero-day
attacks
Protect users from malicious links with
time-of-click protection
Safeguard your environment from
malicious documents using virtual
environments
Word Excel PowerPoint Visio
Detect compromised users
Reporting dashboard
Detect compromised users
Security & compliance center
reporting dashboard
• Inbound vs. Outbound Malware
• ATP Safe Attachment File Disposition
• ATP Safe Attachment Files Caught
(Excel, PPT, Word, etc.)
• Malware caught in tenant
• Message details/trace
Detect compromised users
• Detection technology used
(Safe Links/Safe Attachments/EOP)
• Detonation details (also offered in
Threat Intelligence)
• Links blocked with emails for the
last 7 days
• Message details/trace (also offered in
Threat Intelligence)
Advanced reporting
for advanced threat protection
Detect compromised users
Gain visibility to respond to threats
Gain Visibility: Office ATP Dashboard
Today and Beyond
Security Focused Investments for Advanced Threat Protection
60 s
What’s next?
ATP SIEM Integration
We will be enabling SIEM integration for ATP. ATP’s threat feeds will
be available through the Office 365 Management Activity API which
can then connect to several different SIEM solutions.
Safe Links Native Link Rendering
ATP Safe Links solution will soon enable users to see the original link
when they hover over a URL. This feature is especially useful for users
who have been trained on looking for malicious indicators for URLs.
© 2018 Razor Technology, LLC
www.razor-tech.com
@DavidJRosenthal
5 Tower Bridge
300 Barr Harbor Dr., Suite 705
West Conshohocken, PA 19428
www.razor-tech.com
David.Rosenthal@razor-tech.com
Cell: 215.801.4430
Office: 866.RZR.DATA
LETS KEEP IN TOUCH
© 2017 Microsoft Corporation. All rights reserved.

What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 

Kürzlich hochgeladen (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 

Microsoft Office 365 Advanced Threat Protection

  • 1. Office 365 Advanced Threat Protection: Productivity built on security. David J. Rosenthal, VP & GM, Digital Business. Microsoft MTC – NYC, May 2, 2018
  • 3. 1 billion Windows devices updated 450 billion Microsoft Azure user authentications 400 billion Office emails analyzed Integration across our platforms and services Cloud App Security
  • 4. Office 365 Advanced Threat Protection addresses our customers’ challenges: Protect business critical data; Detect compromised users; Gain visibility to respond to threats
  • 6. Protect business critical data. Most security experts agree that email remains the #1 attack vector. emails analyzed every month in Office 365; of all email traffic is spam (Mar ‘17)2; increase in ransomware-infected emails (2016-2017)1
  • 7. Protect your data • Advanced Threat Protection Safe Attachments: detonating malicious attachments Detonation
  • 9. Attachment sent to sandbox Protect your data • Our features and enhancements limit the impact to user productivity: Dynamic Delivery Dynamic delivery: Reducing the impact from sandboxing latency Continuously lowering latency times Email with attachment Email body goes through basic email security Sandboxing Malicious attachment Safe attachment
  • 10. Protect your data • Our features and enhancements limit the impact to user productivity: Document Preview
  • 11. Protect your data • Advanced Threat Protection Safe Links: Time of click protection for malicious links. Web servers perform latest URL reputation check. Rewriting URLs to redirect to a web server. User clicking URL is taken to EOP web servers for the latest check at the “time-of-click”
  • 12. Office 365 Phish Protection Stack (Enhanced): Mail Flow Protection; Post Delivery Protection. ATP Safe link Time of click Protection; ATP ZAP; Sender Authentication Checks; Implicit Intra Org Domain Spoof Detection; Soon: ATP Implicit External Domain Spoof Detection; Soon: ATP User mailbox Intelligence; Soon: ATP User Impersonation Detection; Soon: ATP Domain Impersonation Detection; AV Engine Scan; URL Reputation Scan; New: ATP Attachment Detonation for phishing; ATP Heuristic Clustering; Phish Content Analysis Heuristics/Rules; ATP Machine Learning Models; Multi factor Authentication for Office 365; New: Safe link for Internal Mail; New: ATP block of attachments with bad URLs; New: Windows 10 based Rep Scan; Enhanced: Safe link for Office Clients; Enhanced: Client Tips for Suspicious Mails; Tenant Block URL for Safe links; New: Explore malicious submissions in Threat Explorer; Monitor for risky user/App activity; Enhanced: Threat Explorer; New: Rich Reports & Insights. Detect & Respond
  • 13. Protect leveraging Machine Learning Models identifying phish lures. Analyses Millions of samples; ML Model; Model generation; Good - Inbox; Bad - Phish action. Applying what we learned. Learning from the good and bad. Base protection
  • 14. • Implicit Spoof Protection; DMARC; SPF • Content based protection • URL verification against known phishing lists • Safety Tips for mails detected as phish • Inline Reporting • Machine Learning Models • Time of Click Protection (Safe links) • Detonation of Content • Users contact graph Domain Spoof • DMARC, DKIM • SPF • Intra Org spoof • Cross domain spoof Compromised • Compromised account Impersonation • Look alike domains • Display name tricks Content • Attachments • URLs • Text Protect with Office 365 ATP enhanced Anti-phish Capabilities
  • 15. Protect: Admins can create enhanced Anti-impersonation settings
  • 16. Protect with Mailbox Intelligence
  • 17. Protect: Admins can apply internal safe links for intra-org emails
  • 18. Protect: Admins can apply sophisticated anti-spoof settings
  • 19. Protect users by enabling message reporting of potential phish enable
  • 20. Protect your data • Advanced threat protection: URL detonation. Detonation; Email with link; Link added to reputation server
  • 21. Protect your data • Threat protection extends to your entire Office 365 ecosystem Email is only one attack vector Threat protection has extended coverage Microsoft enables security for multiple office workloads Office 365
  • 22. Protect your data • Advanced threat protection for your collaboration workloads Sandboxing and detonation • anonymous links • companywide sharing • explicit sharing • guest user activity collaboration signals • malware in email + SPO • Windows Defender • Windows Defender ATP • suspicious logins • risky IP addresses • irregular file activity threat feeds • users • IPs • On-demand patterns (e.g. WannaCry) activity watch lists Leverage Signals Apply Smart Heuristics Files in SPO, ODB and Teams 1st and 3rd party reputation Multiple AV engines SharePoint OneDrive Microsoft Teams
  • 23. Protect your data • Advanced security for your desktop clients Improve your security against advanced threats, unknown malware, and zero-day attacks Protect users from malicious links with time-of-click protection Safeguard your environment from malicious documents using virtual environments Word Excel PowerPoint Visio
  • 26. Detect compromised users Security & compliance center reporting dashboard • Inbound vs. Outbound Malware
  • 27. Security & compliance center reporting dashboard • Inbound vs. Outbound Malware • ATP Safe Attachment File Disposition Detect compromised users
  • 28. Security & compliance center reporting dashboard • Inbound vs. Outbound Malware • ATP Safe Attachment File Disposition • ATP Safe Attachment Files Caught (Excel, PPT, Word, etc.) Detect compromised users
  • 29. Security & compliance center reporting dashboard • Inbound vs. Outbound Malware • ATP Safe Attachment File Disposition • ATP Safe Attachment Files Caught (Excel, PPT, Word, etc.) • Malware caught in tenant Detect compromised users
  • 30. Security & compliance center reporting dashboard • Inbound vs. Outbound Malware • ATP Safe Attachment File Disposition • ATP Safe Attachment Files Caught (Excel, PPT, Word, etc.) • Malware caught in tenant • Message details/trace Detect compromised users
  • 31. • Detection technology used (Safe Links/Safe Attachments/EOP) • Detonation details (also offered in Threat Intelligence) • Links blocked with emails for the last 7 days • Message details/trace (also offered in Threat Intelligence) Advanced reporting for advanced threat protection Detect compromised users
  • 32. Gain visibility to respond to threats
  • 33. Gain Visibility: Office ATP Dashboard
  • 43. Security Focused Investments for Advanced Threat Protection 60 s
  • 44. What’s next? ATP SIEM Integration We will be enabling SIEM integration for ATP. ATP’s threat feeds will be available through the Office 365 Management Activity API which can then connect to several different SIEM solutions. Safe Links Native Link Rendering ATP Safe Links solution will soon enable users to see the original link when they hover over a URL. This feature is especially useful for users who have been trained on looking for malicious indicators for URLs.
  • 45. © 2018 Razor Technology, LLC www.razor-tech.com @DavidJRosenthal Slideshare www.razor-tech.com 5 Tower Bridge 300 Barr Harbor Dr., Suite 705 West Conshohocken, PA 19428 www.razor-tech.com David.Rosenthal@razor-tech.com Cell: 215.801.4430 Office: 866.RZR.DATA LET'S KEEP IN TOUCH
  • 46. © 2017 Microsoft Corporation. All rights reserved.
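
Slides 11 and 44 describe Safe Links rewriting URLs so that clicks pass through a checking server, which hides the original link from anyone reviewing a message. The following is an added example, not code from the deck or from Microsoft, showing how an analyst can recover the original URL during triage. The `safelinks.protection.outlook.com` host suffix and the `url` query parameter are assumptions taken from the commonly observed rewritten-link format, not from the slides; all sample URLs are constructed.

```python
from urllib.parse import urlsplit, parse_qs

# Assumed host suffix of rewritten links; regional prefixes (e.g. nam01.) vary.
SAFELINKS_SUFFIX = "safelinks.protection.outlook.com"
MAX_DEPTH = 5  # stop on pathological nesting


def is_safelinks_host(host):
    """True only for the suffix itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == SAFELINKS_SUFFIX or host.endswith("." + SAFELINKS_SUFFIX)


def unwrap_safelink(url):
    """Return (original_url, layers_removed) for a rewritten link.

    A URL that is not a Safe Links wrapper is returned unchanged with 0 layers.
    """
    layers = 0
    while layers < MAX_DEPTH:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not is_safelinks_host(parts.hostname):
            break
        target = parse_qs(parts.query).get("url")
        if not target or not target[0]:
            break  # wrapper without a usable url= parameter: leave as is
        url = target[0]  # parse_qs has already percent-decoded the value
        layers += 1
    return url, layers


def triage(urls):
    """Map each input URL to the host a reviewer should actually assess."""
    report = []
    for u in urls:
        original, layers = unwrap_safelink(u)
        report.append({"wrapped": layers > 0, "layers": layers,
                       "target_host": urlsplit(original).hostname, "original": original})
    return report


# Constructed sample input (not real traffic).
SAMPLES = [
    "https://nam01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.com%2Finvoice%3Fid%3D7&data=02%7C01%7Cconstructed&reserved=0",
    "https://safelinks.protection.outlook.com.example.net/?url=https%3A%2F%2Fexample.org%2F",
    "https://example.com/plain",
]

if __name__ == "__main__":
    for row in triage(SAMPLES):
        print(row)
```

The second sample only looks like a wrapper: its host merely begins with the Safe Links name, so it is reported as unwrapped and its own host is what the reviewer assesses.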