Microsoft is adding some security tools, dubbed Advanced Threat Protection, to Office 365 for its business and government subscribers.
The utilities will try to curb malware writers and phishers seeking to exploit vulnerabilities via emailed attachments and links.
"As hackers around the globe launch increasingly sophisticated attacks, many organizations are seeking tools that provide advanced protection," said Shobhit Sahay, technical product manager for the cloud-hosted Office 365 team.
"That’s why we are pleased to introduce Exchange Online Advanced Threat Protection (ATP), a new email filtering service that provides additional protection against specific types of advanced threats."
Office 365's Exchange already has a signature-based malware blocking system, but these types of security mechanisms are increasingly useless considering how easy it is now to tweak malware. Redmond is now adding Safe Attachments, which scans incoming email for dodgy code by opening the attachment in a hypervisor environment and checking to see if it behaves like malware.
Another tactic by miscreants is to direct victims to malicious websites hosting malware. Links to these drive-by-infection sites are usually blocked if the URL is on a blacklist, so scammers are now hiding them behind seemingly innocuous redirectors, but ATP adds the ability to deeply scan all URLs to see if there is a malicious twist of direction hidden in there.
Sysadmins are also going to get improved reporting tools for security mechanisms with APT. This isn't only handy for justifying budgets, but also allows admins to add arbitrary email addresses and URLs to an internal blacklist, rather than just relying on Microsoft's.
The price for ATP is $2 per user per month for enterprise users, and $1.75 per user per month for those using Office 365 for government. Office 365 Government Community Cloud (GCC), Office 365 Education and Office 365 Nonprofit customers are out of luck.
Microsoft is going to be testing the service with select users over the next few months. The full service is expected to go live this summer. ®