Microsoft is working to improve Microsoft Defender for Office 365 with priority protection features for high-profile employee accounts, such as executive-level managers, that threat actors are most likely to target.
Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection) provides Office 365 business accounts with protection against advanced threats, including credential phishing and business email intrusion, automatically restoring detected attacks.
The feature is currently in public preview and Microsoft plans to make it publicly available to all customers with Microsoft Defender Advanced Threat Protection in November 2020.
Customers who will have access next month will be required to have Defender for Office 365 Plan 2 plans, including those with Office 365 E5, Microsoft 365 E5, or Microsoft 365 E5 Security.
Easier to focus protection efforts on the C-suite
“In recent years, attackers have increasingly moved from targeting infrastructure or devices to targeting users,” Microsoft said in a roadmap describing the new feature.
“As a result, organizations need protection for all users, but even more protection for their most visible and targeted employees.”
Once available, the new feature known as Priority Account Protection would allow an organization’s security team to provide critical accounts with customized protections to prevent targeted attacks that can lead to security breaches.
Priority Account Protection prioritizes alerts and threat investigations involving the most visible or targeted users of an organization.
It also allows security teams to more easily identify attacks on critical Office 365 accounts and quickly move their efforts to campaign research involving C-suite users.
“These Priority account tags and filters are found throughout the product, including alerts, Threat Explorer, Campaign Views, and reports,” Microsoft explains.
Microsoft is also working to include SMTP MTA Strict Transport Security (MTA-STS) support in Exchange Online to secure the security and integrity of Office 365 customers’ email communications as of December 2020.
Source: bleeping computer