Microsoft Office 365 Advanced Threat Protection (Plan 2) provides information on security threats using data from various sources that is based on billions of data points from Microsoft global data centers, Office clients, email, user authentications, signals from the Windows and Azure ecosystems and other incidents that impact the Office 365 ecosystem.
Office 365 Advanced Threat Protection (Plan 2) for Students includes everything in Plan 1, plus features for Automation, Investigation, Remediation and Education that include Threat Trackers, Explorer advanced threat investigation, automated investigation and response, and Attack Simulator.
Office 365 Threat Intelligence can be used for analyzing the organization’s Office 365 environment to proactively find and eliminate threats. Threat Intelligence appears as a set of tools and dashboards in the Security & Compliance Center to the organization understand and respond to threats.
Administrators can use the Threat dashboard to see threats that have already been handled, and as a handy tool for reporting out to business decision makers on what Threat Intelligence has already done to secure the business.
Businesses investigating or experiencing an attack against their Office 365 environment can use the Threat explorer to analyze threats. Threat explorer shows the volume of attacks over time, and enables the analysis of this data by threat families, attacker infrastructure, and more. You can also mark any suspicious email for the Incidents list.