Office 365 Advanced Threat Protection

Office 365 Advanced Threat Protection helps to protect your organization from malicious attacks by:

Office 365 Advanced Threat Protection is determined by policies that an Office 365 global administrator or security administrator defines for safe links, safe attachments, and anti-phishing. When Advanced Threat Protection is in place, reports are available to show how Advanced Threat Protection is working for your organization. In addition, you can submit a suspicious file to Microsoft for analysis.

What do you want to do?

Get Office 365 Advanced Threat Protection

  1. As a global or security administrator, go to https://portal.office.com and sign in with your work or school account for Office 365.

  2. Choose Admin > Billing to see what your current subscription includes.

    As a global admin, sign in at portal.office.com and go to Admin > Billing

  3. If you see Office 365 Enterprise E5, then your organization has Advanced Threat Protection.

    If you see a different subscription, such as Office 365 Enterprise E3 or Office 365 Enterprise E1, then you can add Advanced Threat Protection. To do that, choose + Add subscription.

Once you have Advanced Threat Protection, your next step is to define policies for Safe Links and Safe Attachments.

Define policies for ATP

In order for ATP protection to be in place, you must define policies. Use the following resources to define your ATP policies.

See how ATP is working by viewing reports

After you set up Advanced Threat Protection policies, reports are available to show how the service is working.

The Security & Compliance Center dashboard can help you see where Advanced Threat Protection is working

  1. Make sure that you are an Office 365 global administrator, security administrator, or security reader. (See Permissions in the Office 365 Security & Compliance Center.)

  2. View email security reports in the Security & Compliance Center, including a new user-reported messages report.

  3. View reports for Advanced Threat Protection and Exchange Online Protection, including a Threat protection status report.

  4. If needed, make adjustments to your security policies. See the following resources:

Submit a suspicious file to Microsoft for analysis

If you get a file that you suspect could be malware, you can submit that file to Microsoft for analysis. Visit the Windows Defender Security Intelligence submission portal.

Related topics

Overview of the Office 365 Security & Compliance Center
View the reports for Advanced Threat Protection
Threat management in the Office 365 Security & Compliance Center

Get support
Contact us
Expand your Office skills
Explore training

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×