O365 Advanced Threat Protection (ATP) is designed to keep employees’ email inboxes safe from the ravages of all kinds of malware, and as the name suggests, the new URL Detonation feature guards against malicious links in messages.
If an email arrives containing a link, ATP already uses URL reputation checks to detect anything potentially nasty, but it now goes further and analyses the web address for any signs of malicious content.
Should an impatient user click the link before ATP is finished scanning, they will simply be warned that the link is currently being analysed. If anything bad is picked up on, the link will of course be blocked from opening, and any potential infection will be avoided.
The admin can also set up a SafeLink policy to track user clicks, and thus trace which users have ignored warnings and visited a blocked site anyway.
The second introduction Microsoft has made is Dynamic Delivery, which simply means that while email attachments are being scanned for malware by ATP, users are free to read and respond to the message. They don’t have to wait for the scan to finish to do this, in other words.
Outlook displays a placeholder for the attachment while it’s still being scanned, and if the impatient user clicks on that, they’ll see a progress bar for the scan, so they know how long they’ve got to wait before opening said file.
Obviously if the attachment is found to carry some kind of a virus or the like, it won’t be made available for opening.
Microsoft notes that URL Detonation can be switched on via the policy controls in the Safe Links admin window under Settings, and you’ll find the button to turn on Dynamic Delivery in the Safe Attachments admin control window – again, head to Settings.
The above article was taken from Tech Radar –