Categories Tech News

Automated Incident Response in Office 365 ATP simplifies cybersecurity

Microsoft has announced the general availability of Automated Incident Response in Office 365 Advanced Threat Protection. These capabilities are designed to improve efficiency and effectiveness of organizational security by adding automation to investigation and response workflows. Here’s what you need to know about the new offering so you can take advantage of it for your cybersecurity team.

Benefits of Automated Incident Response

Today’s companies and organizations face a wide array of cyberthreats. So, security teams are often responsible for investigating a huge number of signals that can come from completely different sources. Responding to all of those incidents can be incredibly complicated and time-consuming, meaning that employees get bogged down and can sometimes even miss or delay responding to critical issues in a timely manner.

By automating parts of the process, the idea is that Automated Incident Response can help security teams save time, become more efficient, and respond to the most important or urgent threats right away. This can help companies save money and avoid serious breaches or similar issues.

How it works

There are a couple of different options for security teams using Automated Incident Response in Office 365 ATP. First, you can set up automatic investigations that are triggered when alerts are raised. These alerts can come from user-reported phishing emails, user clicks on malicious links, malware detected after delivery, or phishing detected after delivery.

You can also set up manually triggered investigations that use an automated playbook. Basically, this means that you can specify when you want to start an investigation, but use the tool’s automation capabilities for pinpointing the issue or source of trouble within an email. You can do this within Threat Explorer any time you have suspicions about an email or related content, like an attachment or hyperlink.

Featured image: Shutterstock

Annie Pilon

Annie Pilon is a freelance writer specializing in topics related to business, marketing, social media, and tech. She has a degree in journalism and marketing from Columbia College Chicago and currently works and lives in Michigan.

Published by
Annie Pilon

Recent Posts

Exchange errors: Common problems and commonsense fixes

Exchange errors are the curse of every IT admin’s job. Here are some common issues you may face — and…

2 hours ago

Losing your edge? 7 free tools to keep you focused at work

Staying focused at work in an always-connected world is hard! Here’s how to use tech — and some free tools…

19 hours ago

What’s next in the evolution of biometrics and facial recognition technology?

Facial recognition technology has matured to the point of being reliable — for better or for worse. What does the…

23 hours ago

Locking down your Exchange server with cipher suites

Cipher suites are a set of algorithms you need to secure your environment, either by using SSL and TLS. Here’s…

1 day ago

AI cyber risks: What to look out for when deploying AI technology

Artificial intelligence has greatly improved modern life. But businesses must recognize that AI cyber risks exist and take appropriate measures.

2 days ago

Review: Office 365 synchronizing and administration tool CiraSync

CiraSync offers an enterprise solution for syncing global address list contacts and calendars to smartphones and other mobile devices. Here’s…

2 days ago