Unpacking the Microsoft Security Stack: Microsoft Defender for Office 365 Explained

Share this

The Threat

Microsoft Office 365 is an intuitive, innovative and user-friendly suite of productivity applications used by over a million businesses worldwide. As so many users rely on it, it’s no wonder that Office 365 is a frequent target of cyber crime. Therefore, it is vital that you take advantage of the available Microsoft security stack, to offer your business the most comprehensive defence.

An Office 365 subscription offers users access to two of the most major communications platforms on the market: Outlook and Microsoft Teams. Despite the host of connectivity and collaboration benefits that these applications offer, their very nature means that they can be exploited by phishing attacks. Phishing describes a method of cyber attack in which a cyber criminal will pose as a legitimate source and use targeted messaging to trick victims into revealing confidential information or downloading malware to their device. According to a 2021 report from CISCO, phishing attacks now account for over 90% of all data breaches. While phishing scams most commonly take the form of emails, they can also target communications platforms like Microsoft Teams. As phishing poses such a major threat to your business, with potentially catastrophic financial, legal and reputational consequences, it is vital that you secure your Office 365 environment effectively.


The Challenges

Using a third-party solution to protect your Office 365 environment from phishing attacks poses a range of challenges, from complexity to inefficiency and beyond. Using a Microsoft solution, like Defender for Office 365 Plan 1, can help to tackle some of these pervasive issues.

Inefficient integration

Third-party security applications are unlikely to integrate seamlessly with your Office 365 environment. Endless configurations and policy options can make set up and deployment inefficient, while navigating multiple portals makes ongoing security management more challenging. By contrast, Microsoft Defender for Office 365 is specifically designed to support your Office 365 environment and is included in any Microsoft 365 Business Premium subscription.

Managing the threat

As the cyber security landscape is always evolving, phishing attacks no longer just take the form of emails. As noted above, business communication platforms, like Microsoft Teams, are increasingly at risk. You need to invest in a security solution that will protect you from phishing scams across your Office 365 environment and help you to stay secure as cyber attacks continue to mature. Microsoft Defender for Office 365 has recommended templates, configuration insights and customisable policies to help you keep up with the rapid evolution of cyber crime.


The Solution

Microsoft Defender for Office 365 is a crucial part of the Microsoft security stack, prioritising threat detection, investigation and response within the Office 365 environment. Plan 1 has a range of robust, continually evolving security features which will provide your business’ Cloud workspace with a comprehensive defence.

Safe Attachments

This feature verifies the safety of email attachments by opening them in a controlled sandbox environment, where machine learning and analysis techniques are used to scan for suspicious or malicious activity. If the attachment is deemed safe, it is then routed to the user’s inbox. This protection is built into Microsoft Defender for Office 365, covering all incoming emails by default. However, admins are still able to define their own safe attachment policies.

Safe Links

When a user clicks on a link in an email, Safe Links scans and rewrites any embedded URLs to check that they don’t lead to malicious sites. Defender redirects the link to a controlled environment, and the server then checks the link against a list of known, unsafe websites. If secure, the browser then redirects to the intended destination. Safe Link can also execute a ‘Time-of-Click’ verification to ensure that these URLs are analysed again once they are accessed.

Safe Attachments for SharePoint, OneDrive and Microsoft Teams

Microsoft Defender for Office 365 Plan 1 expands upon the core protections offered by EOP. This feature protects SharePoint, OneDrive and Teams by identifying any malicious files that may have been uploaded to any of these key file exchange apps. Using additional threat protections based on ongoing file activity, Defender can automatically isolate potentially dangerous files and restrict user access to them.


Microsoft Defender offers additional layers of phishing protection. With strong anti-phishing, this feature quarantines any communication of a suspicious nature that asks users to provide personal or sensitive information. Additionally, admins can employ advanced controls to protect against URL domain impersonation, utilise mailbox intelligence to analyse email patterns and trends, and whitelist any trusted senders.

Real Time Detection

By detecting threats that enter the Office 365 environment in real time, this feature allows Microsoft Defender to integrate with a Security Information and Events Management (SIEM) solution. This ensures that your applications are given the best defence on all sides.

Microsoft Defender for Office 365 Plan 1 is an effective security solution, providing innovative and advanced protection for your business’ Cloud applications. However, as cyber attacks continue to multiply, it is essential that you ensure that your business is secured from all sides. Luckily, the Microsoft security stack has a range of robust solutions and technologies to keep your business protected. To find out how Microsoft can defend your business at every stage of the security journey, including protection, recovery and analysis, download our comprehensive eBook today.

Microsoft Stack eBook

Posted in
Scroll to Top