What’s the difference between Azure ATP, O365 ATP, and Defender ATP?

by | Sep 16, 2020 | Security

With the various flavors of Advanced Threat Protection (ATP) that Microsoft offers, it’s important to know their features to understand how each one matches your business’ security needs.  Let’s look at the benefits of Azure ATP, Office 365 ATP, and Microsoft Defender ATP to know the difference between them. 

 Azure ATP

 Azure ATP is focused primarily on identity security, protecting your on-premises Active Directory (AD) users.  It is designed to become familiar with user behavior and activities in order to be able to identify malicious activities that deviate from those norms.  In being so accustomed to the original, the counterfeit stands out like a sore thumb. 

Azure ATP also provides helpful recommendations to improve configurations for your identities to make user profile compromises that much more challenging.  With compromises always on the rise, every improvement is essential. 

Office 365 ATP

Office 365 ATP is aimed at protecting users from malicious activity via messaging platforms.  With the Plan 1 license applied, your messages go under the magnifying glass.  If you’re sent malicious links or attachments in email or chat, O365 ATP has you protected.  Links are masked and attachments are tested for safety.  Office 365 ATP also enforces anti-phishing policies.  It comes with reporting as well.  

Microsoft Defender ATP

 Microsoft Defender ATP is aimed at endpoint detection and response.  Windows comes with the Defender product, but Defender ATP takes things to a whole new level.  With the Threat & Vulnerability Management dashboard, you obtain visibility into vulnerability and misconfigurations on your systems.  The Security Operations dashboard shows you active alerts and suspicious activities that may need action. 

 Defender ATP can detect and respond to attacks by noticing activities that not typical for the device.  There’s alert and log correlation technology, and you can also act on threats by isolating machines or quarantining files to block them from your network.  It is licensed per-user, but it covers up to 5 concurrent devices for that user. 

 Whether the threat comes from an email, a brute force login attempt, or PC malware, there’s an ATP solution to address it.  If you would like to further discuss security solutions that can keep you and your organization protected, please contact us at info@peters.com.  We are happy to help!