Securitate

How to view the Advanced Threat Protection Reports

How to view the Advanced Threat Protection Reports

Advanced Threat Protection (ATP) service in Windows helps you prevent zero-day malware attacks by analyzing inbound email attachments for any new threats and blocking them right away. Every ATP classifies a threat into:

  1. Clean - File classified has a minimal risk as no malicious indicators are found.
  2. Suspicious - File classified as medium risk. It poses a potential risk
  3. Malicious - File classified as high-risk. There's a great likelihood of file being laced with malware.

It is therefore essential to review the ATP Report before determining whether to deliver the message.

Viewing Advanced Threat Protection Reports

You can view your ATP reports in the Security & Compliance Center. Go to Reports > Dashboard. There are three kinds of ATP reports:

  1. Threat protection status report
  2. ATP Message Disposition report
  3. Advanced Threat Protection File Types report

Let us take a look at them.

Threat protection status report

To view this report, navigate to Security & Compliance Center, go to Threat management and choose Advanced threats.

Then, for a more detailed status for any day, hover over the graph. The report will offer an aggregated count of unique email messages with malicious content (files or links) blocked by built-in ATP protection features like ATP safe links and ATP safe attachments.

Underneath the chart, you'll see a detailed list of the detections, including subject lines and how each item was detected. Simply select an item to view its observed behavior like, whether the item was inbound or outbound, how it was detected and perform advanced analysis, if necessary.

ATP Message Disposition report

The ATP Message Disposition report basically displays the actions confirmed for email messages that were suspected to have malicious URLs or files.

For viewing this report, go to Reports section visible under the 'Security & Compliance Center'> Dashboard and then, ATP Message Disposition.

Simply click the report to open it and get a more detailed view of the report.

Advanced Threat Protection File Types report

It informs a user about malicious website links (URLs) and malicious files detected through ATP safe links and safe attachments policies (we'll cover this topic in our upcoming post)

To view this report, Reports section as outlined above, select 'Dashboard'> ATP File Type.

Next, when you move your mouse cursor over a particular day, you can notice the number of malicious URLs or files were detected. Click the ATP File Types report to get a more detailed view of the report.

Thus, ATP provides a way for users to create and define policies that can ensure users access only to links in emails or attachments to emails that are identified as not malicious.

For details, you may visit office.com.

Cum se utilizează AutoKey pentru automatizarea jocurilor Linux
AutoKey este un utilitar de automatizare desktop pentru Linux și X11, programat în Python 3, GTK și Qt. Folosind funcțiile sale de scriptare și MACRO,...
Cum se arată FPS Counter în jocurile Linux
Jocurile cu Linux au primit un impuls major când Valve a anunțat suportul Linux pentru clientul Steam și jocurile acestora în 2012. De atunci, multe j...
How to download and Play Sid Meier's Civilization VI on Linux
Introduction to the game Civilization 6 is a modern take on the classic concept introduced in the series of the Age of Empires games. The idea was fai...