ESET Online Help

Search English
Select the topic

Key features

The following table provides a list of available features in ESET Cloud Office Security.


You can protect and manage multiple Microsoft 365 and Google Workspace tenants from one ESET Cloud Office Security console. Azure Active Directory (Azure AD) organizes objects like users and apps into groups called tenants. Tenants allow you to set policies on users and apps within your organization to meet security and operational policies.


Antispam is an essential component for any mail server. ESET Cloud Office Security uses a state-of-the-art Antispam engine that prevents spam and phishing attempts with very high catch rates. ESET Cloud Office Security has consecutively won spam filtering tests by Virus Bulletin, a leading security testing authority, and received the VBSpam+ certification for several years. The Antispam engine has achieved a 99.99% spam catch rate with zero false positives making it an industry-leading technology in spam protection. ESET Cloud Office Security Antispam is cloud-based, and most of the cloud databases are located in ESET data centers. Antispam cloud services allow for prompt data updates that provide quicker reaction time when new spam emerges.

Anti-Phishing protection

This feature prevents users from accessing web pages known for phishing. Email messages may contain links that lead to phishing web pages. ESET Cloud Office Security uses a sophisticated parser that searches the message body and subject of incoming email messages to identify such links (URLs). The links are compared against a phishing database that is updated continuously.

Anti-Malware protection

An award-winning and innovative defense against malware, this leading-edge technology prevents attacks. It eliminates all types of threats, including viruses, ransomware, rootkits, worms, and spyware, with cloud-powered scanning for even better detection rates. Its small footprint is light on system resources and does not compromise performance. Anti-Malware detection uses a layered security model. Each layer, or phase, has several core technologies. The Pre-execution phase includes the following technologies: Unified Extensible Firmware Interface (UEFI) Scanner, Network Attack Protection, Reputation & Cache, In-product Sandbox, DNA Detections. The Execution phase technologies are Exploit Blocker, Ransomware Shield, Advanced Memory Scanner, and Script Scanner (AMSI). The Post-execution phase uses Botnet Protection, Cloud Malware Protection System, and Sandboxing. This feature-rich set of core technologies provides an unrivaled level of protection.


Larger organizations usually have multiple departments and want to configure different protection settings for each organizational unit. ESET Cloud Office Security provides policy-based protection settings that can be assigned to selected Tenants, Users, Team groups or SharePoint sites. You can customize each policy according to your needs.

Quarantine manager

Inspect quarantined objects and perform an appropriate action (download, delete, or release). This feature offers simple management of email messages, attachments, and files from Exchange Online / OneDrive / Team groups / SharePoint sites that have been quarantined by ESET Cloud Office Security . The download gives you the option of analyzing quarantined objects with third-party tools, if required, to help when deciding what action to take.

Dashboard with detection statistics

Get a quick overview of security activities within Microsoft 365. The dashboard provides essential information in each of the overview tabs (Exchange Online / OneDrive / Team groups / SharePoint sites). User overview shows the number of Tenants and License usage, and statistics per each Tenant — Number of users, Top recipients of spam/phishing/malware, and Top suspicious OneDrive accounts, Top suspicious Team groups and SharePoint sites. You can choose a time period and a Tenant to display the statistics for. Further detection statistics and graphs are visible in the Exchange Online, OneDrive, Team groups and SharePoint sites overview tabs. These are statistics such as the number of scanned emails and files and the number of detected spam/phishing/malware. The graphs show the traffic for each detection type — spam, malware, and phishing.

Detections with filtering options

This feature contains all records about detections. The records include logs of every detection by email scan in the Exchange Online tab and file scan in the OneDrive / Team groups / SharePoint sites tabs. This makes it possible to filter and effectively find what you are looking for by using additional information about the specific detection (for example, a name of the infiltration, file hash).


The central entity that ESET Cloud Office Security protects is the user account. Find useful information by opening the Details of a user, such as an Overview, Settings defined by Policies, list of Policies assigned to the user, and Detections for Exchange Online and OneDrive. This feature helps to investigate detections related to a specific user. You can also choose which users to protect. Users are sorted into groups. Each group is an Microsoft 365 tenant containing its users. Use multiple filtering criteria to make searching for a specific user within a group easier.

Reporting & Machine Learning Protection

Advanced Machine learning is now a part of the detection engine as an advanced layer of protection, which improves detection based on Machine learning. Read more about this type of protection in the glossary. You can configure Reporting levels for the following categories: Malware, Potentially unwanted applications (PUAs), Potentially suspicious applications, and Potentially unsafe applications.

Reports (Statistical and Mail quarantine)

Receive statistical data for Exchange Online, OneDrive, Team groups and SharePoint sites via email, or generate and download a one-off report for a chosen period. You can schedule reports to generate and get distributed to specified email recipients regularly. Choose PDF or CSV as an output format. Reports contain data such as a number of scanned emails, detected malware, phishing, and spam. PDF format includes data shown in graphs. There is a graph for each — scanned emails, malware traffic, phishing traffic, and spam traffic. It also contains separate statistics for top recipients for each category: malware, phishing, and spam. There are several available options for generating reports. Additionally, you can have a Mail Quarantine report — a list of quarantined email messages — delivered to selected recipients. The Mail Quarantine report is sent on the specified date and time, but only if there are new items to be reported.

Teams & Sites

ESET Cloud Office Security provides protection for Team groups or SharePoint sites. This widens protection to Microsoft 365 collaboration solutions by protecting SharePoint and Teams enabling secure file sharing. If you have been using ESET Cloud Office Security, you may be asked to update consent before using Teams & Sites.

ESET LiveGuard Advanced

An additional layer of protection against advanced zero-day threats. ESET LiveGuard Advanced is a cloud-based sandboxing solution that analyzes submitted files by executing suspicious code in an isolated environment to evaluate its behavior. ESET Cloud Office Security submits suspicious email attachments and files from Exchange Online, OneDrive, Team groups and SharePoint sites to ESET LiveGuard Advanced for analysis. Enable and configure ESET LiveGuard Advanced feature using policies. Results of the analysis are shown in Scan logs.

Audit log

The Audit log enables the Administrator to inspect the activities performed in the ESET Cloud Office Security. This feature may be useful, especially when you have multiple ESET Cloud Office Security console users. The Audit log records are evidence of the activities and show the sequence in which they occurred. Audit logs store information about the specific operation or event. Audit logs are created whenever a ESET Cloud Office Security object (License pool, User, Policy, Report, Quarantine item such as attachment) is created or modified.

Google Workspace (Gmail and Google Drive protection)

ESET Cloud Office Security expands the security services coverage to another leading cloud email provider, Google Workspace. ESET Cloud Office Security provides comprehensive protection to Gmail and Google Drive users by utilizing all its features. It keeps Google Workspace users safe from malware, phishing, and spam.

SysLogs export

Enables you to export logged events listed in Detections and send them to your Syslog server. You can choose what events you want to export. The events are for Exchange Online/Gmail, OneDrive/Google Drive, Team groups and SharePoint Online. Select the tenants for which you want to receive the events. You can set up multiple SysLog exports and activate/deactivate them as needed.