ATP

Advanced Threat Protection · 2020. 9. 25. · Intelligence Microsoft Defender Advanced Threat Protection Azure Active Directory Office 365 Advanced Threat Protection Microsoft Cloud

Page 1:

ATP

Page 3:

“I can’t apply unified policies across various data sources or to a specific repository”

“My data is scattered across sources and the data continues to grow”

“When enforcing compliance our business users’ productivity is disrupted”

“I need complete coverage of all my devices and applications”

“How do I protect sensitive information such as sensitive PII data across my enterprise?”

“How do I find only relevant data when I need it?”

Page 5:

Flavors of ATP

Office 365 Advanced Threat Protection

Microsoft Defender Advanced Threat Protection

Azure Advanced Threat Protection

Page 6:

Better together

Office 365 ATP: Malware detection, safe links, and safe attachments

Microsoft Defender ATP: Endpoint Detection and Response (EDR) & End-point Protection (EPP)

Azure AD Identity Protection: Identity protection & conditional access

Azure ATP: Identity protection

Microsoft Cloud App Security: Extends protection & conditional access to other cloud apps

[Diagram labels: Browse to a website; Exploitation & Installation; Phishing mail; Click a URL; Open attachment; Command & Control; User account is compromised; Brute force account or use stolen account credentials; Attacker attempts lateral movement; Privileged account compromised; Attacker collects reconnaissance & configuration data; Domain compromised; Attacker accesses sensitive data; Exfiltrate data]

Page 7:

What do they do?

Identities: Users and admins

Endpoints: Devices and sensors

User Data: Email messages and documents

Cloud Apps: SaaS applications and data stores

Infrastructure: Servers, virtual machines, databases, networks

Page 8:

What do they do?

Identities: Validating, verifying and protecting both user and admin accounts

User Data: evaluating email messages and documents for malicious content

Endpoints: protecting user devices and signals from sensors

Cloud Apps: protecting SaaS applications and their associated data stores

Products shown: Microsoft Intune; Office 365 Threat Intelligence; Microsoft Defender Advanced Threat Protection; Azure Active Directory; Office 365 Advanced Threat Protection; Microsoft Cloud App Security; Azure Advanced Threat Protection; Windows 10; Exchange Online Protection

Page 13:

Office 365

Microsoft Defender

Azure

What
