ProServeIT
By ProServeIT on March 22, 2018

Ultimate Guide to Advanced Threat Protection: The 3 ATPs of Microsoft

An emphasis on Advanced Threat Protection is necessary in today’s cybersecurity landscape. Cybersecurity is becoming one of the most globally-recognized pressures that organizations will face going forward. With major brand names like Accenture, Equifax, Verizon, Deloitte, and Uber ending up in news headlines for data breaches, it’s no secret that cybersecurity is a topic that’s high on the list of priorities for many organizations.

The question on many people’s minds is, as businesses become increasingly digitized, and as technology continues to advance, how can you protect your organization from cybercriminals?

With the introduction of Windows 10 a few years ago, and an annual $1 billion spend on security, Microsoft has emerged as a leader in protecting businesses from cybersecurity threats. In this blog, we’ll look at the three types of Advanced Threat Protection, along with the features and benefits that make each of them a great choice for organizations to implement.

 



What is Azure Advanced Threat Protection?

Azure Advanced Threat Protection (Azure ATP), now recognized as Microsoft Defender for Identity, helps to detect and investigate advanced attacks and insider threats across on-premises, Cloud, and hybrid environments, stopping attackers from gaining access to your system. By taking information from multiple data sources, like the logs and events in your network, Azure ATP learns the behaviour of your users and other entities within your organization and builds a behavioural profile about them. Then, when suspicious activity is detected, it alerts you via the Azure ATP workspace portal, so you can review those suspicious activities and confirm whether they are a potential attack or not.


Why Use Azure ATP

  • 🔎 Malicious Activity Identifying/Tracking: Azure ATP helps you to identify and track any malicious activities in your environment, including Pass-the-Ticket, Pass-the-Hash, horizontal or vertical brute force attacks, DNS reconnaissance, unusual protocols, malicious service creation, and others.
  • 🛡️ Protection from Attack Vectors: Azure ATP protects your organization from both known and unknown attack vectors before they cause damage to your organization.
  • 🕵🏼‍♂️ Detects Multiple Suspicious Activities: Azure ATP focuses on several phases of the cyber-attack kill chain, including reconnaissance, lateral movement cycle, and domain dominance, and detects advanced attacks and insider threats before they can cause damage to your organization.
  • ☑️ Implement Honeytoken Accounts: Azure ATP allows you to install honeytoken accounts – decoy accounts that are set up for the sole purpose of identifying and tracking malicious activity – within your network.


What is Windows Defender Advanced Threat Protection?

Windows Defender Advanced Threat Protection (Windows Defender ATP), now recognized as Microsoft Defender for Endpoint, integrates with Azure ATP to detect and protect against malicious activity, but its focus is on the endpoints – the actual devices being used. Working with existing Windows security technologies, like Windows Defender Antivirus, AppLocker, and Windows Defender Device Guard, Windows Defender ATP detects sophisticated cyber-attacks by providing Cloud-powered, behaviour-based advanced attack detection.


Why Use Windows Defender ATP

  • 🔐 Next-Gen Threat Protection: Windows Defender ATP has next-gen threat protection and post-breach detection built right into the Windows 10 Operating System, so you don’t need to worry about installing a new agent.
  • 🖥️ Adapt, Deploy, Orchestrate: Windows Defender ATP adapts to changing threats, can deploy new defenses, and can orchestrate any remediation that is required.
  • ☁️ Smart & Connected Threat Protection: Windows Defender ATP uses the power of the Cloud, behaviour analytics, and machine learning to provide you with smart and connected threat protection.
  • 🔍 Faster Detection and Response: With Windows Defender ATP’s comprehensive monitoring tools, you can detect any abnormalities and respond to any attacks much faster.
  • 📋 Recommendations: Windows Defender ATP lets you track your overall security posture and gives you recommendations on how to further reduce your organization’s attack surface.
  • 🗄️ Access to Historical Data: Windows Defender ATP enables you to search and explore up to six months of historical data across your endpoints in an instant.

 

 


What is Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection, now recognized as Microsoft Defender for Office 365, protects your email, files, and Office 365 applications against potential attacks such as unsafe attachments and malicious links.


Why use Office 365 ATP

  • 🔒 Real-Time Protection from Sophisticated Attacks: Office 365 ATP protects your mailboxes, online storage, files, and other applications you’re using against any new, sophisticated attacks in real time.
  • 🛡️ Protection Against Unsafe Attachments: Using Safe Attachments, Office 365 ATP protects against unsafe attachments and provides you with a malware-free, cleaner inbox.
  • 👁️ Visibility into Potential Targets: Office 365 ATP lets you see who might be targeted in your organization, and what kinds of attacks you might be facing.
  • 🚫 Unsafe Link Blocking: Office 365 ATP blocks users from clicking on unsafe links. If a link they click on is unsafe, the user is either informed that the site’s been blocked, or warned not to visit it.
  • 🔗 URL Trace Capabilities: Office 365 ATP provides URL trace capabilities that let you track which individuals have clicked malicious links in the messages they’ve received.


With Microsoft Office 365 & Azure, BCG secured a reliable and productive IT infrastructure.

Key Benefits:

Increased Scalability: BCG now has the opportunity for future growth, which its old system didn’t allow for.

Growth Supported: The Azure environment allows for onboarding of BCG’s new customers without any net new capital costs.

Better Cost Management: BCG’s IT expenses are now paid monthly and can be predicted as users are added and removed each month, which makes IT costs easy to manage.

 



Keep Your Organization Secure with Advanced Threat Protection

Whether you are protecting your emails, files, applications, or devices, using any (or all) of these Advanced Threat Protection solutions is a smart way to ensure that you are protected against advanced attacks, malware threats and data breaches. Not using Advanced Threat Protection (or not sure how to use it to its full potential)? Drop us a line and let us help you!

 
