Office 365 Advanced Threat Protection includes safe links, safe attachments, spoof intelligence, and advanced anti-phishing capabilities. Advanced Threat Protection helps protect your organization from malicious attacks by checking content, such as attachments and hyperlinks in email messages, and unauthorized spoof mail. Protection is determined by the policies for safe links and safe attachments that global administrators or security administrators define.
Once Advanced Threat Protection is in place, reports are available to show how Advanced Threat Protection is working for your organization. In addition, you can submit a suspicious file to Microsoft for analysis.
Confirm or get Advanced Threat Protection for your organization
As a global or security administrator, go to https://portal.office.com and sign in with your work or school account for Office 365.
Choose Admin > Billing to see what your current subscription includes.
If you see Office 365 Enterprise E5, then your organization has Advanced Threat Protection.
If you see a different subscription, such as Office 365 Enterprise E3 or Office 365 Enterprise E1, then you can add Advanced Threat Protection. To do that, choose + Add subscription.
Proceed to define policies for ATP safe links and safe attachments.
Define policies for ATP safe links and safe attachments
Submit a file to Microsoft for analysis
If you get a file that you suspect could be malware, you can submit that file to Microsoft for analysis. Visit the Windows Defender Security Intelligence submission portal.
Overview of the Office 365 Security & Compliance Center
View the reports for Advanced Threat Protection
View the reports for Exchange Online Protection
Threat management in the Office 365 Security & Compliance Center