Examine threat protection in Microsoft Defender XDR
Microsoft Defender for Office 365 complements Exchange Online Protection (EOP) by providing protection against specific types of advanced threats. Threats EOP can help protect against include phishing and zero-day attacks. Microsoft Defender for Office 365 employs some of the following policies to provide a wide range of threat protection:
- Safe Attachments. Provides zero-day protection to safeguard your messaging system, by checking email attachments for malicious content. It routes all messages and attachments that don't have a virus/malware signature to a special environment, and then uses machine learning and analysis techniques to detect malicious intent. If no suspicious activity is found, the message is forwarded to the mailbox.
- Safe Links. Provides time-of-click verification of URLs, for example, in emails messages and Office files. Protection is ongoing and applies across your messaging and Office environment. Links are scanned for each select: safe links remain accessible and malicious links are dynamically blocked.
- Safe Attachments for SharePoint, OneDrive, and Microsoft Teams. Protects your organization when users collaborate and share files, by identifying and blocking malicious files in team sites and document libraries.
- Anti-phishing protection in Defender for Office 365. Detects attempts to impersonate your users and internal or custom domains. It applies machine learning models and advanced impersonation-detection algorithms to avert phishing attacks.
The following diagram displays how EOP and the Microsoft Defender for Office 365 services provide advanced threat protection to incoming email.
