Learn Microsoft 365 Threat Protection Policies in just 20mins
Вставка
- Опубліковано 29 лип 2024
- This time we delve into the world of Microsoft security and explore the Threat Protection policies within Microsoft Defender for Microsoft 365. From Anti-virus, to Anti-Malware and Anti phishing to Safe links and safe attachments. These are simply a set of tools that you simply have to know. So if you’re a fledgling security pad wan, then this session will turn you into a security Jedi. As always if you enjoy please hit the like button.
Please visit my site www.Andymalone.org - Наука та технологія
![The moment we stopped understanding AI [AlexNet]](/img/n.gif)
Thank you Andy for your tutorials.
100% on the money about the community aspect!! I love it here 👍
I think it is wonderful that you have the “chit-chat” part of your videos! :) Looving it!
Hi Andy, happy to see you back, don't stress much for few more days , better to take rest for few more days
I’ll try but I have a speaking engagement in 2 days. But then I’ll slow down 🤗
Keep up doing the good work Andy. As always I enjoyed watching your content. Hope you feel better soon!
Thanks Patrick I appreciate that. All the best.
Andy, I don't think I've ever commented on a video but you broke me! I just wanted to say thanks for all this information. This has been immensely helpful.
Hey Brad I’m delighted to hear that and thanks so much for your kind comment. All the very best, Andy
Thank you Andy for your contribution
My pleasure thanks 😊
Hello Andy, Thank you very much!
amazing video. this was very informative
Really loving your content Andy, thanks for sharing. Wish i'd found you sooner :)
Thank you so much Tony that means a lot to me. The important thing is you found me now and I really hope that my content helps. Welcome to the community and great to have you on board.😊👍
I watch your videos for insight into the Microsoft ecosystem. You have excellent insight.
Thank you, and I’m delighted to hear that you’re enjoying my channel 👍
Really great information
Andy is the best. Like that IT uncle we all had, but less creepy and way more helpful
Whew I’m so glad to hear that 😆
@@AndyMaloneMVP lol i used to work in chemistry and recently made my move to tech. im a 365 admin. your a life saver man!!! thanks for everything you do
@@jacobpizur8503 hi Jacob, hey that’s great I’m so glad to hear that. The very best of luck with your new career. 😊 👍
Thank you for great explanation i was confused with a lot of concepts and i'm new at EOP it helped me
Glad it helped!
@@AndyMaloneMVP Is there a video talk about Email investigation?
Thanks andy
Thanks very easy to understand
My pleasure and thanks for the nice comment👍😊
You should have more upvotes.. +1 from me... really enjoy the videos..
Aw thank you most kindly 😊
Thank you Andy Sir for this video. Please create a few videos on Powershell.
Here you go ua-cam.com/video/b7SGPchYRn0/v-deo.html
Thanks from India
You’re welcome 👍
Can u please create a content regarding Powershell from A to Z ?
another request, I appreciate it if you can review a bit in-depth the SMTP auth. that you earlier mentioned in the previous video.
Hi Andy, recently found you and really love your videos. They are so helpful. I’m finding the licensing for these functions a little confusing. We have a business that uses business standard, but want to set up some of these features to prevent data theft. Do all users need the E3/E5 licence to put these feature into effect?
You read my mind! I’m going to answer your question in a new short that I’m going to produce in the next couple of days watch out for it.
@@AndyMaloneMVP that’s awesome! Thank you Andy. I’ll keep a lookout for it!
Andy, Thank you so much for your content.
On this EOP we have experienced some features we are not very happy with.
we are trying to block all potential OfficeMacro file types and have them delivered to the quarantine for verification by an admin. M365 Defender does not give an option for such a situation. Senders and or recipients are informed that there has been a malware detected.
Even with Exchange Online, there is no option to adapt that message from "suspicious / risky file type" instead of "malware".
Thanks very much for your question. I’m sure you’ll appreciate that for specific questions relating to a product like this I have to point you towards docs.microsoft.com or consult with the Microsoft technical community this is by far the best way to get your solutions. Thanks again
Thanks again Andy for the awesome content! Actually, I was looking forward to hearing about using antimalware and safe attachments when they work simultaneously, and how we can properly set the priority on which one should be higher in that sense. I tried to test the safe attachment policy but anti-malware works first and catch the email with the test attachment. any good hints?
You’re right Mohammed they are two different technologies but I would say safe attachments is a better solution as sometimes EOP let’s bad stuff through. There is often a delay in safe attachments when you switch it on. Generally they do work together but EOP always runs first. You can set priorities with PowerShell. Check out docs.Microsoft.COM they have Coll some great articles.
@@AndyMaloneMVP thx for your reply Andy! So, do you recommend to disable anti-malware policy to let safe attachment lead the safeguard?
@@mohammedhisham6114 no let them both run. Best practice 👍
Thanks for the video. Have a couple of questions. Can multiple polices be applied to the same user? For example if there are two anti-spam policies...one with higher and one with lower priority. What if there are conflicting settings between the two policies? Thanks!
The most restrictive is the most effective.
@@AndyMaloneMVP Thanks. I found more information here: docs.microsoft.com/en-us/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-worldwide
"If a recipient is defined in multiple policies of the same type (anti-spam, anti-phishing, etc.), only the policy with the highest priority is applied to the recipient. Any remaining policies of that type are not evaluated for the recipient (including the default policy)."
Should I use the @ sign when adding domains to the whitelist?
Read the guide unlearn.microsoft.com @ is the record name
Hey Andy, how its going ?
How could I monitoring everything? the links safe, the bad attachments and others thinks?
Is there any report of who click or access something ? A list of URL blocked by Links safe?
thanks for helping.
Security logs in Defender for 365
Do you know the strategy MSFT has for changing names? Just thought it may be a “documented” MSFT item that you would know. 😏. Great content! Keep the jibber jabber with the content!!
Thanks very much. Yes there is a ton of information on this docs.microsoft.com you should check it out just do a search for windows defender for 365 and also exchange online protection. In terms of a strategy! Not that I’m aware of. However that doesn’t mean to say that one doesn’t exist. Good luck and thanks again.
Do those features require a connected MS Exchange account, or will an usual IMAP mail account be enough?
O MS Outlook accounts are much more secure than Traditional imap
How good is the default setting for anti-phishing? I find adjusting that threshold causes a lot of emails to be caught by the phishing policy. A lot of legitimate emails.
Honestly, I think they’re pretty good. It’s what I use most of the time. However, a lot of people get confused between junk email, and the focused inbox, which used to be clutter. Which of course it’s just a way of organising your email so that the important stuff can be actioned first. No, I think the default rules are pretty good.
@@AndyMaloneMVP Thanks Andy, that's helpful.
Hi Andy, I really love your content. I have a request. Can you please show with examples how we can analyze the quarantined mails. How can we find out why an email was quarantined. Thanks
I’ll add it to my list and thanks 😊
@@AndyMaloneMVP Great thanks
Hope your health is better now stay safe , God bless all
Thank you I appreciate that.
have E3 license but can't see these options for me
You need EM&S
onda que esta todo en español. pero hablas en ingles.. yo se que tengo que aprender... pero esa es la segunda etapa de mi vida.
Espero que los subtitulos cxan ayuden. :-)
Turn off safe Link
Why?
Thank you Andy for your tutorials.
My pleasure!