Microsoft is making its Office 365 security better for businesses

In an effort to help security teams deal with the barrage of critical alerts they receive daily, Microsoft has made its Automated Incident Response in Office 365 Advanced Threat Protection (ATP) available to all enterprise customers.

The software giant's automation feature is designed to help security analysts respond to alerts faster and more systematically.

In a recent blog post, Microsoft announced that it is making two categories of automated incident response available to its enterprise customers. The first category covers automatic investigations that are triggered in response to new alerts, which occur when users report phishing emails or click on a malicious link, or when malware or phishing emails are found in their mailboxes.

The second category consists of investigations that are initiated manually and use Microsoft's own 'automated playbook' sequences to get to the bottom of different scenarios and attack types.

Rich security playbooks

Microsoft's automation follows its rich security playbooks, which are essentially a series of carefully logged steps that security teams can use to comprehensively investigate an alert. They also offer a set of recommended actions for containment and mitigation when dealing with an alert.

The company's playbooks correlate similar emails that have been sent or received within an organization to detect any suspicious activities for relevant users. Microsoft gives a few examples of flagged activities in its blog post, citing mail forwarding, mail delegation, Office 365 Data Loss Prevention (DLP) violations and suspicious email sending patterns.

As part of the Microsoft Threat Protection promise, these playbooks also integrate with signals and detections from Microsoft Cloud App Security and Microsoft Defender ATP.

Organizations that have either an Office 365 ATP Plan 2 or Office 365 Enterprise E5 tier plan can take advantage of the company's automated incident response features beginning today.

Via ZDNet

Anthony Spadafora
