
Automated Incident Response in Office 365 ATP simplifies cybersecurity

Microsoft has announced the general availability of Automated Incident Response in Office 365 Advanced Threat Protection. These capabilities are designed to improve efficiency and effectiveness of organizational security by adding automation to investigation and response workflows. Here’s what you need to know about the new offering so you can take advantage of it for your cybersecurity team.

Benefits of Automated Incident Response

Today’s companies and organizations face a wide array of cyberthreats, so security teams are often responsible for investigating a huge number of signals that can come from completely different sources. Responding to all of those incidents can be incredibly complicated and time-consuming, meaning that employees get bogged down and can sometimes miss critical issues or respond to them late.

The idea is that by automating parts of the process, Automated Incident Response can help security teams save time, become more efficient, and respond to the most important or urgent threats right away. This can help companies save money and avoid serious breaches or similar issues.

How it works

There are a couple of different options for security teams using Automated Incident Response in Office 365 ATP. First, you can set up automatic investigations that are triggered when alerts are raised. These alerts can come from user-reported phishing emails, user clicks on malicious links, malware detected after delivery, or phishing detected after delivery.

You can also set up manually triggered investigations that use an automated playbook. Basically, this means that you can specify when you want to start an investigation, but use the tool’s automation capabilities for pinpointing the issue or source of trouble within an email. You can do this within Threat Explorer any time you have suspicions about an email or related content, like an attachment or hyperlink.

Annie Pilon

Annie Pilon is a freelance writer specializing in topics related to business, marketing, social media, and tech. She has a degree in journalism and marketing from Columbia College Chicago and currently works and lives in Michigan.
