Overview:
Email remains the number-one attack vector for organizations of every size, and Microsoft Defender for Office 365 is the frontline defense.
This comprehensive workshop provides a complete, step-by-step guide to setting up and configuring Defender for Office 365 - from Safe Attachments and Safe Links to anti-phishing policies, Zero-Hour Auto Purge, and advanced threat investigation tools. Attendees will configure preset security policies, build custom protection rules, set up user-reported message workflows, and learn to use Threat Explorer for post-breach investigation. The session covers both Plan 1 and Plan 2 capabilities so attendees understand exactly what protections are available at each licensing tier.
Why you should Attend:
A single malicious email can bypass distracted users and trigger account compromise, fraudulent payments, or malware spread. This workshop shows how to configure Defender for Office 365 before email becomes the organization's weakest link.
Areas Covered in the Session:
- Defender for Office 365 architecture: how protection layers integrate with Exchange Online Protection (EOP)
- Configuring Safe Attachments policies: dynamic delivery, detonation, and file-type controls
- Setting up Safe Links: URL rewriting, time-of-click verification, and block lists
- Anti-phishing policies: impersonation protection, mailbox intelligence, and spoof settings
- Zero-Hour Auto Purge (ZAP): how Defender retroactively removes threats from mailboxes
- Preset security policies vs. custom policies: when to use each approach
- User-reported messages: configuring the Report Message add-in and admin review workflows
- Threat Explorer and Real-Time Detections: investigating email threats post-delivery (Plan 2)
- Attack simulation training: setting up phishing simulations for user awareness (Plan 2)
Who Will Benefit:
- IT Administrators
- Microsoft 365 Administrators
- Security Engineers
- Managed Service Providers
- Email Security and Collaboration Security Teams