Since its release in 2017, Microsoft has improved ATP. As the default upgrade to Exchange Online Protection (EOP), it integrates with the Office 365 suite and offers some advantages. At the same time, customers and analysts acknowledge that handling evolving threats is an area where third-party solutions have a lot to offer.
Key areas to compare ATP vs Avanan:
“Our organization was being overrun with phishing attempts that were not being captured and quarantined by O365. Our users were reacting to these despite ongoing training and our IT group being overwhelmed with review requests.”
— Analyst, Manufacturing (500M - 1B USD)
Catch rates measure how well security solutions detect incoming threats.
For organizations currently leveraging ATP, an assessment will illuminate the value of adding Avanan to an Office 365 environment. While continuing to leverage the spam, greymail, and other filters in the Exchange Online Protection (EOP) default security and ATP, the added layer of Avanan security will catch 99.9% of those advanced attacks that bypass both Microsoft security programs. In addition, malware and Data Loss Protection available in the platform can also extend beyond the most well-tuned capabilities of ATP for superior catch rates in those areas as well.
The default security from Office 365 was not good, and we activated ATP. We didn't like it because we felt it slowed down the delivery of attachments, and more importantly, phishing attacks were still coming through.
What I liked most was that they turned basically all of the PowerShell capabilities a highly skilled IT Admin could type out and use into a GUI interface that allows anybody with any skill level to use. This allows for some pretty complex queues to be created in order to look for certain patterns or specific emails.
Office 365 is the preferred suite for organizations around the world to conduct business. For security professionals responsible for those organizations, much of their role is dedicated to managing email-based threats. Identifying, investigating, and remediating phishing and malware is time-consuming, and rarely the best use of scarce Security Operations Center (SOC) resources.
Improving Mail-focused Security Orchestration, Automation and Response (Gartner refers to this as M-SOAR), is a key component of a Continuous Adaptive Risk and Trust Assessment (CARTA) framework, that is rapidly becoming adopted by innovative security teams. Accomplishing this in a large organization with hundreds of thousands of users can be tremendously complex. The capabilities are there, but pulling together staff from security, messaging, operations and IT teams as interacting with several tools and interfaces, many of which require advanced PowerShell scripting, can be a daunting task.
Avanan has simplified this process with a single M-SOAR threat interface. Email security admin can identify, investigate, and remediate incidents involving phishing, malware, and data loss. Anomalies lead to a quick understanding of whether an account has been compromised, what data or personnel could be affected, and more.
Should an attack get through, remediation is a quick and easy task. The Avanan Search and Destroy™ features for post-delivery forensics enable fast identification, and the ability to easily remove all instances of the same or similar attacks across an entire Office 365 environment, in just a few clicks. No PowerShell required.
Compare ATP and Avanan’s dashboards, policy implementation wizard, and user experience.Watch the Webinar
Managing the entirety of user actions, data, and configurations in Office 365 is no easy task, especially for the enterprise. One pain point for ATP admins is coordinating the many parts of the threat management experience to get a full picture of the attack lifecycle.
Avanan set about addressing some of the additional concerns raised by Office 365 Security Admins:
After Microsoft ATP didn't work, we tried Avanan and didn't need to worry about phishing
Avanan has proven to be a better option than Microsoft ATP. Start directly with Avanan instead of ATP.
Don't use Microsoft ATP, avanan is all you need for antiphish and malware detection.
Avanan is a member of the Microsoft Partner Network. Numerous Microsoft Managed Service Providers (MSPs) choose to offer an Avanan-protected Office 365 Subscription, wth augmented security.
Avanan installs from the AppSource in one click. The solution seamlessly integrates with the entire Office 365 suite to deliver anti-phishing, malware, and account takeover protection in Outlook, SharePoint, OneDrive, and Teams.
For organizations currently leveraging ATP who seek to close the security vulnerabilities, Avanan scans all email, links, and files after ATP to catch what they miss.
Avanan Attack Briefs chronicle new and novel attacks, often breaking the news of new vectors and methods that have evolved. Office 365 is the main focus area of the Avanan Security Research Team. As Avanan sits behind ATP in security layers, Attack Briefs often call out specific vulnerabilities in ATP. The Avanan Team informs clients, and also gives Microsoft the details of the Indicators of Compromise, to help the broader community.
Here are some examples of attacks that bypassed ATP:
Since Office 365 is the most targeted platform, security professionals need context for every event in the environment to understand the impact of sneaky, evolving threats. This is why dashboard legibility, ease of navigation, and detailed reporting are so important.
Investigation and incident response in ATP is spread across dashboards, and requires the intervention of PowerShell. In Avanan, admin control investigation using:
If you want to take a deep-dive into the admin experience of ATP and Avanan, this white paper compares the platforms, their features, and their functionality with screenshots and charts.How Avanan Compares to Microsoft ATP