Avanan vs Microsoft ATP (Defender): What You Need to Know

• Misses attacks targeting Microsoft's basic anti-spam phishing AI, such as BaseStriker and ZeroFont.
• Uses only Microsoft's security intel.

• Avanan sits inside the tenant and scans after Microsoft to catch what EOP and/or ATP miss. This API approach to security gives Avanan the highest catch rate in the industry and blocks threats before they reach inboxes.
• Leverages Check Point's ThreatCloud, a repository of 150,000 connected networks, millions of endpoint devices, dozens of machine learning and AI engines, that detects and stops over 6,000 previously unknown malware daily. 

• Multiple configurations required for anti-phishing with 6 different policy engines.
• Anti-phishing policies cover a maximum of 60 users.

• Avanan installs as an app and deploys in minutes.
• Activate pre-configured anti-phishing, anti-malware, and DLP policies with one click.
• Implement custom policies with workflows for threat detection, DLP, custom queries, and cloud access control.

• End users only receive a 3-line .txt file about quarantined content that they can't understand.

• End users can request for documents to be released from quarantine, pending admin approval. 
• Fully customizable alert emails sent to end users are more detailed than those of ATP.

• Reports only show data for the past 7 days. Admin must wait a few hours to receive reports for older data.
• Reporting is surface level, with limited detail.

• Real time reporting.
• Threat emulation videos show admin the actions malware would take in their environment. 
• Admin can quarantine and take other bulk actions within Avanan's detailed reporting.

Extension of security to OneDrive, SharePoint and Teams

•  Not every file is scanned. "This is by design."

•  Every file is scanned.

Search and Destroy

• Find emails by subject line only in eDiscovery, then destroy with PowerShell.

• Search and destroy current and historic threats from multiple reporting views.