Microsoft Launches Threat Tracker Intelligence in Office 365 Security
Recently, Microsoft launched Office 365 threat intelligence for helping businesses to be more secure. They have enhanced the capabilities of an administrator that offer a higher visibility, powerful executable actions, and deeper insights. They announced Threat Tracker in Office 365 Threat Intelligence which renders an effective monitoring and threat investigations management platform, helping business admins to rapidly fix and respond to the threat. This feature is present in ‘Threat Management’ located under Security and Compliance Center.
More on Microsoft Office 365 Threat Tracker
Microsoft team have categorized this new feature in four parts:
- Noteworthy campaigns
- Trending Campaigns
- Saved query of selected threat campaigns
- Tracker query of selected threat campaigns
- Noteworthy Campaigns are categorized for well-known and essential threats all over the world. This provides monitoring to the administrator for rapidly reviewing the threat’s impact by its frequency and volume. The Noteworthy Campaign monitoring enables administrators to speed up with remediation from trending threats. It monitors hour-to-hour update, displaying the current impact of threats to the enterprise. If you want a detailed report on the event, use the Explore option.
- Another Microsoft Office 365 Threat tracker intelligence category i.e., Trending Campaigns view renders a dynamic assessment of email threats. These threats are the one which harshly impacts enterprise’s Office 365 platform. This category works by showing the trend of account level malware, determining malware families on the flat, decline, or rise, providing administrators a deeper insight, demanding for more attention. The current trending threat will not impact your data but, will appear at the top of the web page. This scenario offers a comparative type of view on how a Cyber threat impacts your business versus others. If the targeting percentage of the enterprise is greater than 10 then, it states that it is being particularly targeted by the attack. A responsible administrator should investigate the respective attack in a deeper manner. This is needed to move or delete malware to the junk. These type of attacks are typically short-lived, which means that they might drop out in few days.
- Saved query of selected threat campaigns – This is the 3rd category of Office 365 Intelligence Threat Tracker. Queries play a vital role in the deeper understanding of the threat. This helps administrator to learn the security updates, he/she needs to take for preventing the Cyber Threat. The ‘Saved Queries’ renders a view in all the Explorer searches archived as queries. Administrators are having permission to analyze malware and phish the events with scope described and stored in the Explorer. Saved Queries are used to check items in a frequent manner. In order to generate more queries, click on Explorer, add filters to see a specific set of events and then, click Save Query.
- The last and 4th O365 Threat tracker in Threat Intelligence for Office 365 category is ‘Tracked query of selected threat campaigns’. The campaign provides assessments on daily basis of phish, malware, and other events with scope described from Threat explorer. ‘Tracked query’ monitors different items frequently, rendering reports, permitting a quick and in-depth evaluation of groups or threat. For each organization, a limited set of tracked queries is available. Administrators can make choice in converting stored queries and start tracking them via edit option for associated query.
Microsoft utilizes Office 365 Advanced Threat Protection for finding out the unknown threats. They provide Office 365 Threat Intelligent program to equip a better visibility into the Cyber Security landscape.
