Glossary

    B
  • business email compromise (BEC)
    A cyber threat in which the attacker sends an email whose contents impersonate a legitimate corporate email account in an attempt to gain information or money from the recipient. Typically these emails don’t contain malicious content in the form of links or files.
    • C
  • Calendar Tool
    Enables you to display page results based on a date range you select. Available on the Malicious, Events, and Reports pages.
  • Clients Page
    Provides access to client information such as the date SaaS Defense was activated for the client, the number of malicious attacks (if any) attempted on the client's Microsoft 365 applications, and the number of seats protected for each of those applications.
  • comma-separated values (CSV) file
    A text file that uses a comma to separate values. Each line of the file is a data record that includes one or more fields, separated by commas. Each line ends with a line break.
    • D
  • Datto SaaS Defense
    An Advanced Threat Protection (ATP) security solution specifically designed to protect the Microsoft 365 suite of applications. It uses data-independent technology enabling it to detect a threat the first time it is encountered.
  • Defense Report Threat add-in application
    Enables client end users to notify the MSP via Outlook when an email may have been incorrectly allowed or blocked by Datto SaaS Defense.
  • Detection Summary report
    Contains the same information as the Malicious Report but in a downloaded CSV file.
    • E
  • Email Threat Report
    A customized threat report listing the malicious email threats intended for the end user's inbox that Datto SaaS Defense has quarantined. Allows the end user to act on an email, if necessary. Sent at specified intervals.
  • Events Page
    Lists the records for which a client has submitted a report via the Defense Report Threat application indicating an email was mishandled by Datto SaaS Defense.
  • extortion
    The threat of a malicious attack (i.e., denial of service, data compromise) unless payment is received.
    • F
  • filtering
    Selecting page options to display only the records that match the options selected.
    • L
  • Live Search
    A feature that enables searching for and quarantining of malicious emails Datto SaaS Defense may have missed.
  • Lucky Meter
    A service that shows your organization's vulnerability to malicious threats that have not been encountered before. It uses the freshest in-the-wild cyber attacks (instead of simulated threats) to continuously test your email defenses.
  • Lucky Meter Report
    Available on the Reports page, the Lucky Meter Report provides a deeper dive into attack results.
    • M
  • malicious
    The verdict Datto SaaS Defense assigns to a suspected threat when the application is running in Monitoring mode.
  • Malicious Page
    Contains detailed information about security threats that have been prevented by Datto SaaS Defense. Provides threat analysis tools.
  • Malicious Report
    A report available on the Reports page that provides overall attack detection information in a downloaded PDF file for the selected client and time frame. Includes total number of attacks detected and the percentage of each attack type.
  • malware
    A cyber threat where the attacker sends an email containing malicious links or files that when accessed can infect an environment.
  • Monitoring Mode
    In monitoring mode, Datto SaaS Defense identifies suspicious content but does not take any action. The content remains in its current location and the MSP determines the actions to take.
    • N
  • notification
    A standard message the MSP creates that is automatically sent to the MSP when a certain situation, such as a malicious attack, occurs.
  • Notifications Page
    Includes the notification records that the MSP has added to the environment.
    • O
  • operating modes
    Datto SaaS Defense can be run in one of two operating modes: In Prevention mode, the default operating mode, the application quarantines suspicious emails within seconds of reaching the intended recipient. In Monitoring mode, the application identifies suspicious content but does not take any action.
    • P
  • Permitted Emails Rule
    A rule you configure that automatically allows (allowlists) access to emails which match the criteria, such as the sender's email address, you specify in the rule.
  • Permitted URLs Rule
    A rule you configure that automatically allows access to the content (i.e., email, Word file, etc.,) in which a website's URL address you specify is included.
  • phishing
    A cyber threat in which the attacker impersonates a legitimate entity by sending a fraudulent email that may include links to a fake website, hoping the user enters his/her credentials.
  • policy
    A rule that blocks or allows access to content based on the criteria specified in the policy.
  • Prevention Mode
    The default operating mode. In prevention mode, Datto SaaS Defense quarantines suspicious content. When quarantining content, any malicious content is made inaccessible to an end user. Suspicious content determined not to be malicious, such as spam, is identified as suspicious but is still accessible to an end user. The specific quarantining steps the application performs depends on whether the suspicious content is part of an email or a document.
    • Q
  • quarantine
    When operating in Prevention mode, any malicious content is made inaccessible to the end user. The specific quarantining steps the application performs depends on whether the suspicious content is part of an email or a document.
  • quarantined
    The verdict Datto SaaS Defense assigns to a suspected threat when the application is running in Prevention mode.
    • R
  • regular expression (regex)
    A string of text allowing you to create patterns that help match text and perform actions.
  • Reports Page
    Enables MSP to create customized reports that provide a high-level view of malicious traffic. Allows MSP to create multiple reports customized for each client.
  • Restricted Emails Rule
    A rule you configure that automatically blocks (blocklists) access to emails which match the criteria, such as the sender's email address, you specify in the rule.
  • Restricted URLs Rule
    A rule you configure that automatically blocks access to the content (i.e., email, Word file, etc.,) in which a website's URL address you specify is included.
  • role based access control (RBAC)
    The role assigned to a user dictates the specific rights and restrictions the user has when working with client policies.
    • S
  • seat type
    Indicates an end user has a license for a specific Microsoft 365 service.
  • service
    A specific application used in an environment.
  • spam
    An email usually sent to many recipients for commercial advertising purposes.
    • T
  • threat incident
    When an end user determines an email should have been quarantined or when an email should not have been quarantined. End user should report an incident using the Datto SaaS Defense Report Threat Outlook application.
    • V
  • verdict
    The action taken by Datto SaaS Defense or by the MSP to handle a malicious threat.
    • W
  • Weekly Traffic Chart
    At the top of each service page, the Weekly Traffic chart shows the total number of scans that have been performed on the service's content for the week.