If your organization has Microsoft 365 Advanced Threat Security (ATP) and has the necessary permissions, you can use multiple ATP reports in the Security and Compliance Center. (Go to Reports> Dashboard)
Threat Protection Status Report
The Threat Protection Status Report is a single view that obtains malicious content as well as information about malicious email and Exchange Online Protection (EOP) as well as blocking by Microsoft 365 ATP. This report is useful for observing detention over time (up to 90 days), and enables security administrators to identify trends or determine whether adjustments have been made to policies.
The Threat Protection report provides an overall count of unique email messages with malicious content, such as files or website addresses (URLs) that were blocked by anti-malware engines.
The Threat Protection Report is available to customers who have a Microsoft 365 ATP plan or Exchange Online Protection (EOP) plan. However, the information shown in the Threat Protection report for ATP customers will likely contain different data than the data seen by EOP customers. for example, The threat protection estimation report for ATP customers will contain information about malicious files found in SharePoint Online, OneDrive. Such information is specific to ATP, so customers who do not have EOP, but ATP will not see those details in their Threat Protection status report.
To view the Hazard Protection Status Report at the Safety and Compliance Center, Go to Report> Dashboard> Threat Security Status.
To get a detailed position for a day, hover over the graph. By default, the Threat Protection Status report shows data for the last seven days. However, you can choose a filter to view data up to 90 days and change the date range. (If you are using a trial subscription, you may be limited to 30 days of data.)
You can also use View Data from the menu to change the information displayed in the report.
ATP File Type Report
The ATP file type report shows you the type of files found by ATP secure attachments as malicious.
To view this report, in the Security and Compliance Center, go to Reports> Dashboard> ATP File Type.
When you hover over a particular day, you can see a breakdown of the types of malicious files detected by ATP Safe Attachments and Anti-Spam as well as Anti-Malware Protection in Microsoft 365.
ATP Message Dispute Report
The ATP Message Settlement Report shows you the actions that were performed for email messages found as malicious content.
To view this report, in the Security and Compliance Center, go to Reports> Dashboard> ATP Message Dispute.
When you hover over a bar in the chart, you can see what action was taken for the email you searched for that day.
What permissions are required to view an ATP report?
To view and use the reports described in this article, you must have an appropriate role for both the Security and Compliance Center as well as the Exchange Administration Center.
For the Security and Compliance Center, you must have one of the following roles:
organization Management.
Security Administrator (this can be assigned in the Azure Active Directory Admin Center (https://aad.portal.azure.com)
Security reader
For Exchange Online, you must have roles assigned to one of the Exchange Administration Center (https://outlook.office365.com/ecp)
organization Management
See only organization management
View-only recipient role
compliance management
๐๐Thank you for reading our blogs, please do like share and share your thoughts in the comment in the comment section.
Comments
Post a Comment