Microsoft ATP Solutions: Microsoft Defender ATP, Office 365 ATP & Azure ATP
- September 2, 2019
- Posted by: getmax
- Category: ATP, Microsoft
Microsoft has a variety of cybersecurity solutions for every area of your network and applications, from on-premises to cloud protection for desktops, servers, email, and storage. However, when you are evaluating a security solution for your business, you should choose the Microsoft ATP solution that best fits it.
Microsoft Advanced Threat Protection (ATP) isn’t actually one product. There are three different ATP options, each of which provides different protection features.
The three Microsoft ATP solutions are:
- Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)
- Office 365 Advanced Threat Protection (Office 365 ATP)
- Azure Advanced Threat Protection (Azure ATP)
Microsoft Defender ATP:
Microsoft Defender Advanced Threat Protection (ATP), previously known as Windows Defender ATP, is a unified security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
Microsoft Defender ATP is a hybrid technology built into Windows 10 and Microsoft’s cloud services:
- Endpoint behavioral sensors: Already embedded in Windows 10, these sensors collect and process behavioral data from the operating system and send it to your cloud instance of Microsoft Defender ATP.
- Cloud security analytics: Leveraging big data, machine learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (such as Office 365), and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.
- Threat intelligence: Generated by Microsoft hunters and security teams, and augmented by threat intelligence provided by partners, threat intelligence enables Microsoft Defender ATP to identify attacker tools, techniques, and procedures, and to generate alerts when these are observed in collected sensor data.
Microsoft Defender ATP comes built into Windows 10 and Microsoft 365 and is managed from the cloud via the Defender ATP portal.
Office 365 ATP:
Office 365 ATP is another security solution by Microsoft that safeguards your organization against malicious threats posed by spam emails, links (URLs), and other malicious tools.
Office 365 ATP is designed for deployment at enterprises from small to large, which sets it apart from other offerings. Office 365 exists entirely in the cloud with no on-premises setup required, although it can protect local Exchange servers.
Office 365 ATP includes:
• Threat protection policies
• Real-time reports to monitor ATP performance
• Threat investigation and response capabilities
• Automated investigation and response capabilities
Office 365 ATP is included as part of all Office 365 Enterprise E5, Office 365 Education A5, and Microsoft 365 Business licenses as standard. Additionally, it can be purchased as an add-on to all of the following license types:
• Exchange Online Plan 1
• Exchange Online Plan 2
• Exchange Online Kiosk
• Exchange Online Protection
• Office 365 Business Essentials
• Office 365 Business Premium
• Office 365 Enterprise E1
• Office 365 Enterprise E3
• Office 365 Enterprise F1
• Office 365 A1
• Office 365 A3
Azure ATP:
Azure Advanced Threat Protection (ATP) is a cloud-based security solution that protects your networks against cyber threats. Azure ATP identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization.
Azure ATP enables SecOps analysts and security professionals who are struggling to detect advanced attacks in hybrid environments to:
- Detect and identify suspicious user and device activity with learning-based analytics.
- Leverage threat intelligence to protect user identities and credentials stored in Active Directory.
- Provide clear threat information on a simple timeline for fast triaging.
- Monitor multiple entry points through integration with Microsoft Defender ATP.
Azure ATP learns about your network, enables detection of anomalies, and warns you of suspicious activities.
Azure Advanced Threat Protection architecture:
Azure ATP can detect advanced malicious attacks by leveraging both cloud and on-premises signals, reducing false positives and providing an end-to-end investigation experience, including across endpoint and identity, through its Microsoft Defender ATP integration. Azure ATP requires less on-premises infrastructure and compute. Furthermore, Azure ATP integrates better with Microsoft’s other security solutions.