Office 365 Attack Simulator Preview Available

  • Article

Nick Johnson, PTS

 

Greetings Partners!

Security continues to be a hot topic. Threat actors are looking for new ways to attack. Their methods become more sophisticated daily. Customers are looking for ways to better protect their users. Administrators are tasked with implementing protection and making sure it works. Is there an easy way to do this?

To help protect users we have Office 365 Advanced Threat Protection. Office 365 Advanced Threat Protection can help protect your mailboxes, files, online storage, and applications against new, sophisticated attacks in real time. It offers holistic protection in Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive for Business. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.

In my experience O365 ATP with Safe Attachments and Exchange Online Protection is one of the best and easiest things customers can add on to O365 to protect users.

Protect against unsafe attachments

With Safe Attachments, you can prevent malicious attachments from impacting your messaging environment, even if their signatures are not known. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. The advantage is a malware free and cleaner inbox with better zero-day attack protection.

Protect your environment when users click malicious links

Exchange Online Protection provides protection against malicious links by scanning content. Safe Links expands on this by protecting your environment when users click a link. While the content is being scanned, the URLs are rewritten to go through Office 365. The URLs are examined in real time, at the time a user clicks them. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it.

One of the challenges for customers is testing attack scenarios in a safe way. Once protection is enabled, admins would like to verify they are working. We've made that easier than ever. With Attack Simulator (included in Office 365 Threat Intelligence), if you are a security or global administrator, you can now run realistic attack scenarios in your organization. This can help you identify and find vulnerable users before a real attack impacts your bottom line.

Click here to learn more about the Attack Simulator preview and how you can start using it.