URL Detonation and Dynamic Delivery

Hi all,

Most of the articles in this blog are related to information management or SharePoint. But as some of my most recent posts suggest, I’m very interested in information security as-well. As such, I want to tell you about two new features from Microsoft. These are within the Advanced Threat Protection (Exchange Online) space. These features are in preview as of the end of January 2017.

As these features are described in detail at https://blogs.office.com/2017/01/25/evolving-office-365-advanced-threat-protection-with-url-detonation-and-dynamic-delivery/ I will only describe them quickly.

URL Detonation

Advanced Threat Protection already offers ways to protect against malicious links (SafeLinks). But the new URL Detonation feature will scan the file or webpage the link is connected to. When clicking the link, the user will receive a message stating that a scan is underway. If the link is deemed unsafe, a warning will be displayed.

Dynamic Delivery

Scanning e-mail attachments take some time. But with Dynamic Delivery a user can open the e-mail message without having to wait for the scanning process to end.

Dynamic Delivery ensures that an e-mail message and its attachment are delivered to the user. The user can open the e-mail message and will see the attachment. However, the attachment is in-fact scanned in the background. When safe, the attachment is reattached to the e-mail message. If not, the attachment will be deleted.

If the users opens the attachment during the scanning phase, he/she will see the status of the scan.