Protecting users against the largest attack vector should be every socks and security manager focus. When we look at the Microsoft security stack, we see Microsoft defender for office 365 (MDO) being the recommended tool to protect user mailboxes and even provide user training through its many capabilities.
In this article I intend to provide an overview to defender for office 365, its general capabilities and also what kind of technologies are included in its engines.
Microsoft’s Email Protection History
The Email security industry is one that has existed for many decades now. They’ve seen big shifts in Enterprise Information security with an evolution that spans multiple decades, technologies, vendors and approaches.
I’ve looked in the history books — and by that, I mean: wikipedia, Microsoft TechNet and blogs — and collated a very short history, very high-level and technological independent view of Microsoft’s Email Security solutions.
In 2005 Microsoft acquired FrontBridge Technologies, an US-based Email security provider.
In 2006, FrontBridge Technologies rebrand to Exchange Hosted Services: Announcing… Exchange Hosted Services — Microsoft Community Hub
Years go by, the industry and Email solutions evolve.
Thus, I will suggest a break from traditional Email security here, and — Fast forward to…
2015, Microsoft Released Exchange Online Advanced Threat Protection: Exchange Online ATP: Introduction and Step by Step Deployment Guide — TechNet Articles — United States (English) — TechNet Wiki (microsoft.com)
In 2016, rebranded to Office 365 Advanced Threat Protection: Introducing Office 365 Advanced Threat Protection | Microsoft 365 Blog
In 2020, rebranded to Microsoft Defender for Office 365: Office 365 ATP is now Microsoft Defender for Office 365 — Microsoft Community Hub
With this said, I will focus on the latter solution, despite Microsoft still supporting Exchange Server 2019 protection with in-built controls, as the documentation states in this document, where it reads:
Antispam and antimalware…