Bezpieczeństwo

How to view the Advanced Threat Protection Reports

How to view the Advanced Threat Protection Reports

Advanced Threat Protection (ATP) service in Windows helps you prevent zero-day malware attacks by analyzing inbound email attachments for any new threats and blocking them right away. Every ATP classifies a threat into:

  1. Clean - File classified has a minimal risk as no malicious indicators are found.
  2. Suspicious - File classified as medium risk. It poses a potential risk
  3. Malicious - File classified as high-risk. There's a great likelihood of file being laced with malware.

It is therefore essential to review the ATP Report before determining whether to deliver the message.

Viewing Advanced Threat Protection Reports

You can view your ATP reports in the Security & Compliance Center. Go to Reports > Dashboard. There are three kinds of ATP reports:

  1. Threat protection status report
  2. ATP Message Disposition report
  3. Advanced Threat Protection File Types report

Let us take a look at them.

Threat protection status report

To view this report, navigate to Security & Compliance Center, go to Threat management and choose Advanced threats.

Then, for a more detailed status for any day, hover over the graph. The report will offer an aggregated count of unique email messages with malicious content (files or links) blocked by built-in ATP protection features like ATP safe links and ATP safe attachments.

Underneath the chart, you'll see a detailed list of the detections, including subject lines and how each item was detected. Simply select an item to view its observed behavior like, whether the item was inbound or outbound, how it was detected and perform advanced analysis, if necessary.

ATP Message Disposition report

The ATP Message Disposition report basically displays the actions confirmed for email messages that were suspected to have malicious URLs or files.

For viewing this report, go to Reports section visible under the 'Security & Compliance Center'> Dashboard and then, ATP Message Disposition.

Simply click the report to open it and get a more detailed view of the report.

Advanced Threat Protection File Types report

It informs a user about malicious website links (URLs) and malicious files detected through ATP safe links and safe attachments policies (we'll cover this topic in our upcoming post)

To view this report, Reports section as outlined above, select 'Dashboard'> ATP File Type.

Next, when you move your mouse cursor over a particular day, you can notice the number of malicious URLs or files were detected. Click the ATP File Types report to get a more detailed view of the report.

Thus, ATP provides a way for users to create and define policies that can ensure users access only to links in emails or attachments to emails that are identified as not malicious.

For details, you may visit office.com.

Mysz Emulate Mouse clicks by hovering using Clickless Mouse in Windows 10
Emulate Mouse clicks by hovering using Clickless Mouse in Windows 10
Using a mouse or keyboard in the wrong posture of excessive usage can result in a lot of health issues, including strain, carpal tunnel syndrome, and ...
Mysz Add Mouse gestures to Windows 10 using these free tools
Add Mouse gestures to Windows 10 using these free tools
In recent years computers and operating systems have greatly evolved. There was a time when users had to use commands to navigate through file manager...
Mysz Control & manage mouse movement between multiple monitors in Windows 10
Control & manage mouse movement between multiple monitors in Windows 10
Dual Display Mouse Manager lets you control & configure mouse movement between multiple monitors, by slowing down its movements near the border. Windo...