Office 365 Advanced Threat Protection Comparison

Advanced Threat Protection

While ATP offers an improvement over default Exchange Online Protection (EOP), Office 365 users and analysts acknowledge that supplemental security is needed to fully protect email and workplace collaboration.

Key areas to compare ATP vs Avanan:

  • Catch Rates
  • Configuration issues
  • Email incident response times
“Our organization was being overrun with phishing attempts that were not being captured and quarantined by O365. Our users were reacting to these despite ongoing training and our IT group being overwhelmed with review requests.”

— Analyst, Manufacturing (500M - 1B USD)

Comparing Catch Rates

Catch rates measure how well security solutions detect incoming threats.

For organizations currently leveraging ATP, an assessment will illuminate the value of adding Avanan to an Office 365 environment. While continuing to leverage the spam, greymail, and other filters in the Exchange Online Protection (EOP) default security and ATP, the added layer of Avanan security will catch 99.9% of those advanced attacks that bypass both Microsoft security programs. In addition, malware and Data Loss Protection available in the platform can also extend beyond the most well-tuned capabilities of ATP for superior catch rates in those areas as well.

Email Security Incident Response

Office 365 is the preferred suite for organizations around the world to conduct business. For security professionals responsible for those organizations, much of their role is dedicated to managing email-based threats. Identifying, investigating, and remediating phishing and malware is time-consuming, and rarely the best use of scarce Security Operations Center (SOC) resources.

Improving Mail-focused Security Orchestration, Automation and Response (Gartner refers to this as M-SOAR), is a key component of a Continuous Adaptive Risk and Trust Assessment (CARTA) framework, that is rapidly becoming adopted by innovative security teams. Accomplishing this in a large organization with hundreds of thousands of users can be tremendously complex. The capabilities are there, but pulling together staff from security, messaging, operations and IT teams as interacting with several tools and interfaces, many of which require advanced PowerShell scripting, can be a daunting task.

Avanan has simplified this process with a single M-SOAR threat interface. Email security admin can identify, investigate, and remediate incidents involving phishing, malware, and data loss. Anomalies lead to a quick understanding of whether an account has been compromised, what data or personnel could be affected, and more.

Should an attack get through, remediation is a quick and easy task. The Avanan Search and Destroy™ features for post-delivery forensics enable fast identification, and the ability to easily remove all instances of the same or similar attacks across an entire Office 365 environment, in just a few clicks. No PowerShell required.

Compare ATP and Avanan’s dashboards, policy implementation wizard, and user experience.

Watch the Webinar

Addressing the Full Threat Lifecycle in Office 365

Managing the entirety of user actions, data, and configurations in Office 365 is no easy task, especially for the enterprise. One pain point for ATP admins is coordinating the many parts of the threat management experience to get a full picture of the attack lifecycle.

Avanan set about addressing some of the additional concerns raised by Office 365 Security Admins:

  • Accepting human input to train AI models to block similar attacks
  • Scanning every SharePoint, OneDrive, and Teams file--in real-time
  • Consistency of dashboard and intuitive user interface design
  • Strong communication of updates and enhancements for security teams

Avanan and the Microsoft Partner Network

Avanan is a member of the Microsoft Partner Network. Numerous Microsoft Managed Service Providers (MSPs) choose to offer an Avanan-protected Office 365 Subscription, wth augmented security.

Avanan installs from the AppSource in one click. The solution seamlessly integrates with the entire Office 365 suite to deliver anti-phishing, malware, and account takeover protection in Outlook, SharePoint, OneDrive, and Teams.

For organizations currently leveraging ATP who seek to close the security vulnerabilities, Avanan scans all email, links, and files after ATP to catch what they miss.

Catching Attacks Missed by ATP

Avanan Attack Briefs chronicle new and novel attacks, often breaking the news of new vectors and methods that have evolved. Office 365 is the main focus area of the Avanan Security Research Team. As Avanan sits behind ATP in security layers, Attack Briefs often call out specific vulnerabilities in ATP. The Avanan Team informs clients, and also gives Microsoft the details of the Indicators of Compromise, to help the broader community.

Here are some examples of attacks that bypassed ATP:

Essential Functions for Office 365

Since Office 365 is the most targeted platform, security professionals need context for every event in the environment to understand the impact of sneaky, evolving threats. This is why dashboard legibility, ease of navigation, and detailed reporting are so important.

Investigation and incident response in ATP is spread across dashboards, and requires the intervention of PowerShell. In Avanan, admin control investigation using:

  • A single page of glass dashboard experience
  • Search and destroy™ engine for quarantine and remediation
  • Automatic anomaly detection
  • Threat emulation reports for malware

2020 ATP Report

Read the White Paper

In the most thorough analysis of its kind, Avanan security analysts classified over 500,000 malicious emails, sent to real end-user mailboxes protected by Microsoft’s Advanced Threat Protection (ATP). This research identified the types of attacks that were blocked by ATP or EOP, and the types of attacks that were missed by both.

2020 ATP Report →

Want More Information?

Check out all the leading solutions compared to Avanan, in one place. See why Avanan is the fastest, easiest, and most secure way to protect Office 365.

See Comparison Chart