RECOMMENDED: Click here to fix Windows errors and optimize system performance
The Windows Advanced Threat Protection (ATP) service helps you prevent malware attacks by scanning incoming email attachments for new threats and blocking them immediately. Each ATP classifies a threat in :
- Clean – the file presents minimal risk because no malicious indicators are detected.
- Suspicious – Medium risk file. It represents a potential risk
- Malicious – High risk file. It is very likely that the files are infected by malware.
It is therefore essential to check the ATP report before determining whether the message should be delivered.
View advanced threat protection reports
You can view your ATP reports in the Security and Compliance Center. Go to Reports > Dashboard. There are three types of ATP reports:
- Threat Protection Status Report
- ATP Message Disposition Report
- ‘Advanced Threat Protection’ Report
Let’s look at it.
Threat Protection Status Report
To view this report, access the Security and Compliance Center, go to Threat Management and select Advanced Threats.
To get a more detailed report for any day, move the mouse pointer over the graph. The report provides an aggregate number of unique email messages containing malicious content (files or links) that are blocked by built-in ATP protections such as ATP secure links and ATP secure attachments.
Under the graph, you see a detailed list of detections, including subject lines and how each item was detected. Simply select an item to display the observed behavior, for example whether it is an incoming or outgoing item, as detected, and perform advanced analysis if necessary.
ATP Message Planning Report
The ATP Message Planning Report essentially shows confirmed actions for suspected URL or malicious file emails.
To view this report, go to the Reports section, which is visible under’Security & Compliance Center’> Dashboard, then to ATP Message Disposition.
Just click on the report to open it and get a more detailed view of the report.
It informs the user of links to malicious websites (URLs) and malicious files detected by secure ATP links and secure attachments (we will discuss this in our next post).
To view this report, the Reports section, as described above, choose’Dashboard’> ATP File Type.
When you move the mouse pointer over a given day, you can see how many URLs or malicious files have been detected. Click the ATP File Types report for a more detailed view of the report.
ATP allows users to create and define policies that ensure users can only access links in emails or email attachments that have been identified as not being harmful.
Details can be found on office.com.
RECOMMENDED: Click here to troubleshoot Windows errors and optimize system performance