Avanan catches 99.9% of the advanced attacks that both EOP & ATP miss.
Microsoft’s default EOP (Exchange Online Protection) provides a solid foundation for security with basic spam filtering and anti-malware features for Office 365. Unfortunately, EOP and the premium ATP (Advanced Threat Protection) don’t go far enough. Because Microsoft is both the target of and the defense against attacks on Office 365, a new perspective is needed on the threat landscape.
Avanan helps enterprises address these shortcomings by providing a suite of intelligent security solutions engineered to secure the modern digital business.
“With Avanan eliminating the phishing emails, I have seen 0 malware in our network for the last year”
CTO, Retail Industry
Avanan Office 365 Malware Protection Features
Avanan provides enterprises with a holistic Office 365 security solution that fills the gaps ATP can’t. As a result, by using Avanan in place of (or with) ATP, enterprises can protect themselves against zero-day threats in real time.
Malware Scans by Multiple Vendors
Avanan uses antivirus, malware sandboxing, predictive malware protection, and data leakage prevention solutions from a variety of vendors, including Sophos, Check Point, AVG, Palo Alto, and Symantec. As a result of this multi-vendor approach, Avanan significantly reduces the likelihood of malware making it to an Office 365 user’s inbox or desktop.
Zero-Day Malware Detection
There is no single tool that can detect all malware. With that in mind, Avanan uses multiple tools and implements a multilayer strategy to detect zero-day threats. Additionally, Avanan users benefit from a self-teaching AI-powered algorithm that can dynamically detect malicious behavior and quarantine dangerous files.
For example, Avanan’s anti-phishing functionality uses machine learning to analyze emails for over 300 indicators of phishing. Not only does this limit your exposure to malware, but it also reduces dwell time and lateral movement in the event a breach occurs.
Further, beyond protecting Office 365 email inboxes, Avanan provides zero-day protection for your entire cloud environment. This means services like SharePoint, OneDrive, and Skype for Business are protected as well.
Avanan scans every file for malware. In the event malware is detected, Avanan’s file sanitization process replaces the malicious file with a sanitized version. The sanitized version of the file includes content but is free from any malicious code or binaries.
Avanan’s detailed real-time reporting allows IT to analyze every aspect of a threat. This means IT can view videos of threat emulation demonstrating what would happen if malware breached the network. Additionally, enterprises can view granular details on network, process, and registry events. Further, detailed summary reports allow IT to identify and quarantine attacks impacting multiple users.
Robust & Customizable Security
Often, enterprises face a tradeoff between security and complexity. This means IT must strike a balance between layering in security and avoiding a patchwork of solutions and policies that are difficult to maintain. With Avanan, this is no longer the case. Because Avanan bundles a robust suite of security solutions in a single converged platform, IT can seamlessly configure and customize security policies and workflows. As a result, enterprises gain robust Office 365 security without dramatically increasing opex and network complexity.
Gaps in Microsoft’s Office 365 Malware Protection
Microsoft’s built-in EOP security provides cloud-based email filtering to protect against spam and malware. EOP comes with three antimalware engines: Windows Defender and two unnamed solutions. The idea behind the multiengine approach is simple: there is a higher probability of detecting malware if you use multiple engines for Office 365 malware protection.
Poor catch rate for zero-day malware
ATP is only marginally better than EOP at detecting zero-day malware via email. Both ATP and EOP let 5-20% of zero-day malware hit email inboxes.
No behavioral analytics
ATP lacks the advanced behavioral analytics functionality that can address sophisticated attack vectors such as Business Email Compromise (BEC).
ATP threat management reporting only contains 7 days’ worth of data. Additionally, the data lacks the granularity that IT needs for troubleshooting and that management requires for in-depth insight into data flows.
No detection of insecure account configurations
Unusual logins and altered email settings are common signs of account compromise. Unfortunately, ATP cannot rapidly detect and respond to insecure Office 365 account configurations.
Microsoft calls out the fact that ATP does NOT scan every file loaded to SharePoint Online, OneDrive for Business, or Microsoft Teams. Rather, ATP scans asynchronously based upon heuristics. As a result, when you consider the rise of threats like PhishPoint, there is an inherent gap in Office 365 scan coverage with ATP.
Avanan vs ATP for Office 365 Malware Protection
To see the difference between Avanan and ATP when it comes to Office 365 malware protection, check out this side-by-side comparison.