Advanced Threat Protection (ATP)

Advanced Threat Protection (ATP) Safe Links

Balu llag | August 5th, 2019

Advanced Threat Protection (ATP) Safe Links

Office 365 ATP provides numerous tools to set an appropriate level of protection for your organization.

Your organization’s security team must define policies for each ATP tool in the Office 365 Security & Compliance Center. Go to Threat management > Policy

What is ATP Safe Links?

ATP safe links provides time-of-click verification of URLs, for example, in emails messages and Office files. Protection is ongoing and applies across your messaging and Office environment. Links are scanned for each click: safe links remain accessible and malicious links are dynamically blocked. To learn more, see Set up Office 365 ATP Safe Links policies.

How do I configure safe link policy for Microsoft Teams?

1. Make you have appropriate permission to define (or edit) ATP policies, you must be assigned one role from Office 365 Global Administrator, Security Administrator or Exchange Online Organization Management role.

2. To configure or modify ATP Safe Links policy that applies to everyone, do below

  1. Go to https://protection.office.com and sign in with your work or school account.
  2. In the left navigation, under Threat management, choose Policy > Safe Links.

ATP Safe links

  • In the Policies that apply to the entire organization section, select Default, and then choose Edit (the Edit button resembles a pencil).

Add block link to ATP policy

  • In the Block the following URLs section, specify one or more URLs that you want to prevent people in your organization from visiting. For example, www.abc.com is added to block.
  • In the Settings that apply to content except email section, select (or clear) the options you want to use. (Microsoft recommend that you select all the options.)

Setting options

  • Choose Save.

Note: You may define additional policies that would apply to specific recipients. For example, you can specify exceptions to your default policy by defining an additional policy.

How do I view reports with information about detected files?

To view status and detailed information about files that were detected by Office 365 ATP, you can use the Threat Protection Status report.

  1. In the Office 365 Security & Compliance Center, choose Reports > Dashboard > Threat Protection Status.
  2. In the upper right corner of the report, choose View details table.
  3. View the list of files that were detected in the report.
  4. Select an item in the list to view detailed information, including actions taken, the file name, the file path, and more.
  5. Choose the Advanced Analysis tab to view information, such as observed behavior and analysis details.

Thank you.

No Comments

Post A Comment