prerequisites

• Create a demo tenant how-to-create-an-office-365-tenant-before-testing
• Add a Microsoft 365 E5 License to your test user. (this can be done in trial) Office-365-testing-in-a-demo-environment-in-3-steps/

1. Azure Advanced Threat Protection portal

• If you are entitled to Azure Advanced Threat protection, it is important that you make the best use of the intelligence of these systems. To activate these feautures, you can use the following steps.
• Browse To: https://portal.atp.azure.com/tenantPortal

• Click create

• Your ATP tenant is now ready.

2. CloudappSecurity

• Azure ATP can integrate with Cloud App Security. Below you can see how to perform the integration.
• Tips: https://techcommunity.microsoft.com/t5/enterprise-mobility-security /unified-secops-investigation-for-hybrid-environments/ba-p/360850
• Browse to: https://m365tips.portal.cloudappsecurity.com/#/dashboard (adapt m365tips to your test environment)

That's it!

• You can now set up ATP alerts in Cloud App Security!
• It is also quite handy that you add Office 365 to your cloud app security tenant . That way you can see what data is flowing in and out of your tenant etc.. More soon!

Configure ATP Sensors on all domain controllers.

1. Open the ATP Portal.

• Browse To: https://portal.atp.azure.com
• Enter your AD Domain Administrator
• Enter your AD Domain administrator's password
• Enter your Domain
• Click Save

2. Download ATP sensor

• Download the ATP Sensor
• Place the file on your domain controller(s)

3. Installation of the ATP Sensor

• Open the Azure ATP Sensor Setup

• Click Next

• click Next

• Copy the access key from your ATP Portal

Installation completed!

• Your Active Directory environment will now share account information with Azure ATP.
• Insights can be viewed in the reports.
• Repeat this step for all domain controllers.