Microsoft Defender for Office 365 (plan 2) contains the Threat Explorer feature. It's a useful way to investigate problematic messages which arrive in a tenant.
Are there any security or compliance concerns for Office 365 customers who allow emails to be sent to Microsoft Teams channels?
How does the Dynamic Delivery feature of Exchange Online Advanced Threat Protection (ATP) impact customers who use journaling for compliance and archiving.
Here's my experience using the Advanced Threat Protection features in Exchange Online Protection to protect my Office 365 tenant.