There is an increasing amount of companies moving their corporate e-mail to the Office365 cloud
Office365 is a platform for hosted e-mail and collaboration, but not a Cibersecurity Platform
Office365 is a shared platform in the cloud that can be attacked as a whole or some of its services
There is a great amount of third party add-ons without control, that can put in risk your Office365 environment.
Office365 support is very generic, and documentation too extensive
Office365's as well as MS-Exchange's default is to accept e-mails to inexistent mailboxes, and this generates waves of bounces with likely zero-day malware
Office365 is one of the hackers' preferred target to penetrate organizations, specially because it doesn't treat DMARC p=reject correctly and obliges one to write mail flow rules to handle specific cases.
Office365's default is not PCI-DSS compatible and allows unencrypted traffic
Office365 is a very extensive platform to be up-to-date with deploying security fixes
Just to give an example, a phishing attack targeted to a single user, left the Oregon State without e-mail and blacklisted, because the user sent over 8M spam emails https://www.infosecurity-magazine.com/news/oregon-state-employee-falls-for/
Every change in the security settings is stored in the Auditlog, thus facilitating eDiscovery, forensics and as a fundamental tool of Change Management.
All the traffic flow is accesible via Web Interface, facilitating e-Discovery. This way any eventual outgoing phishing or spam can be rapidly located if a user was hacked
Every Mail-Exchanger and Outbound Relay server in AVAS SEG is dedicated, has dedicated IP addresses and holds the company's own antivirus/antispam rules
The AVAS SEG console permits the listing of words, phrases, IP addresses and blocks, whole domains and e-mail addresses to block, to protect you from specific attacks
Extensive use of Planisys DNS to ensure the right settings of DMARC, SPF and DKIM to protect your brand in the Internet, and give visibility to third parties to reject ilegitimate e-mails claiming to originate in your organization
Allows to stop at the earliest moment all e-mails directed to inexistant mailboxes to avoid generating a wave of dangerous bounces (backscattering)
AVAS SEG lets you identify false positives in virus signatures, and also check malicious domains
AVAS SEG provides a log shipping option for feeding SIEMs, typically providing a logstash forward to Splunk or Elasticsearch
AVAS SEG forces the use of TLS to encrypt all emails directed to Office365, and to set PCI-DSS option to encrypt all stages of incoming email
AVAS SEG permits to declare IP addresses or domains that are poorly configured and are important to keep communication with, to put them into a whitelist