What is Microsoft Defender for Office 365?
The way people communicate and collaborate is becoming easier. But that ease comes with an increased risk of criminals looking to exploit it. Microsoft Defender for Office 365 provides a cloud-based filtering service with zero-day protection against malicious threats posed by email messages, links (URLs), attachments, and collaboration tools.
Microsoft Defender for Office 365 includes:
- Threat protection policies: In addition to a set of default policies, you can define threat-protection policies to set the appropriate level of protection for your organization.
- Reports: View real-time reports to monitor Defender for Office 365 performance in your organization.
- Threat investigation and response capabilities: Use leading-edge features to investigate, understand, simulate, and prevent threats.
- Automated investigation and response capabilities: Save time and effort investigating and mitigating threats. Automated incident response capabilities include automated investigation processes in response to well-known threats that exist today.
Plan types
An important consideration for you and your team is to decide what capabilities or features you want out of Microsoft Defender for Office 365. There are currently two plans to choose from:
- Plan 1 focuses on configuration, protection, and detection capabilities.
- Plan 2 has all of the capabilities of plan 1 but adds automation, investigation, and remediation.
Plan 1
Plan 1 provides the following capabilities:
- Safe Attachments
- Safe Links
- Safe Attachments for SharePoint, OneDrive, and Teams
- Impersonation protection in anti-phishing policies
- Real-time detections
Plan 2
Plan 2 provides these additional capabilities:
- Threat trackers
- Threat explorer
- Automated investigation and response
- Attack simulation and training
- Campaign Views
In your security role, you're looking for a solution beyond simple identification and protection for your organization; you need automation, investigation, and remediation capabilities, which means you choose Plan 2.