[Email Security] Learning path (#18170)

* [Email Security] Learning path

* Update src/content/docs/learning-paths/secure-o365-email/get-started/create-email-security-account.mdx

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

* Update src/content/docs/learning-paths/secure-o365-email/concepts/prevent-phishing-attack.mdx

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

* Update src/content/docs/learning-paths/secure-o365-email/concepts/prevent-phishing-attack.mdx

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

* Adding LP to main directory

* Fixing image issue + styling

* Adding module 3

* Fix link

* Adding some bits of module 4

* Fixing link

* Adding modules 5 and 6

* Shortening learning path title

* Improve formatting

* Reorganize, adding table

* Reverting unneccessary change

* Remove vs code change

* Typos and rewording

* Reorder pages, change content type, adding set up api page, add subheading, add links for seo

* Adding clarity + correcting typos

* Apply suggestions from code review

Co-authored-by: Jun Lee <[email protected]>

* Applying suggestions

---------

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>
Co-authored-by: Jun Lee <[email protected]>

Author: 3 people

src/assets/images/learning-paths/secure-o365-email/api-and-journaling-deployment.png

@@ -0,0 +1,7 @@
+---
+pcx_content_type: navigation
+title: Secure Microsoft 365 email with Email Security
+external_link: /learning-paths/secure-o365-email/
+sidebar:
+  order: 4
+---

src/assets/images/learning-paths/secure-o365-email/ms365-api-deployment.png

@@ -0,0 +1,16 @@
+---
+title: Concepts
+pcx_content_type: overview
+sidebar:
+  order: 1
+---
+
+Review the concepts behind Cloudflare's Email Security.
+
+## Objectives
+
+By the end of this module, you will be able to:
+
+* Explain how Cloudflare works.
+* Describe what Email Security is. 
+* Understand how Cloudflare prevents email-based phishing attacks.

src/content/docs/cloudflare-one/implementation-guides/secure-o365-email.mdx

@@ -0,0 +1,20 @@
+---
+title: How Cloudflare prevents email-based phishing attacks
+pcx_content_type: overview
+sidebar:
+  order: 5
+---
+
+Cloudflare Email Security uses a variety of factors to determine whether a given email message attachment, URL, or specific network traffic is part of a phishing campaign.
+
+These small pattern assessments are dynamic in nature. Cloudflare's automated systems use a combination of factors to clearly distinguish between a valid phishing campaign and benign traffic.
+
+Cloudflare's vast global network detects emergent campaign infrastructure and aggregates data for Cloudflare's proprietary analytics engine SPARSE.
+
+SPARSE uses AI and ML models to make effective detections for all types of malicious emails, including Business Email Compromise (BEC). 
+
+In a BEC attack, the attacker falsifies an email message to trick the victim into performing some action - most often transferring money to an account or location the attacker controls. 
+
+To detect these low volume, malicious emails that do not contain malware, malicious links or email attachments, Cloudflare analyzes the email thread, content, sentiment and context via message lexical analysis, subject analysis and sender analysis. Display names are also compared with known executive names for similarity using several matching models. 
+
+Refer to [How we detect phish](/email-security/reference/how-we-detect-phish/#sample-attack-types-and-detections) to learn more about additional attack types and detections. 

src/content/docs/learning-paths/secure-o365-email/concepts/index.mdx

@@ -0,0 +1,16 @@
+---
+title: Protect your organization from phishing attacks
+pcx_content_type: overview
+sidebar:
+  order: 6
+---
+
+In the early 2000s, Secure Email Gateways (SEGs) were introduced to deal with a growing need around the routing and filtering of email. While SEGs were successful at their mission for many years, their fundamental design has made it impossible for them to keep pace as phishing threats rapidly grow in scope and sophistication. 
+
+Continuously updating manual rulesets and policies that were originally built for on-prem servers only inflates the amount of time and effort involved in maintaining a SEG. This has resulted in an increase in cost and complexity while still falling short of catching the most dangerous threats, such as business email compromise (BEC) attacks.
+
+As organizations continue to adopt Microsoft 365 to enhance communication and collaboration for their hybrid workforce, it is crucial to take advantage of Microsoft's native security features while integrating complementary, machine learning-based solutions to automatically block and isolate the most dangerous threats. This strategy not only significantly reduces phishing risk, but also simplifies workflows, minimizing the time and effort needed for ongoing security management.
+
+Analysts agree that consolidating capabilities to minimize overlapping functionality is helping organizations reduce cost and complexity. However, they also advise organizations to carefully assess native features to ensure they satisfy all use cases. As Microsoft continues to build out its essential email security features, the growing overlap with SEGs has given organizations an opportunity to streamline security operations by leveraging capabilities already included in their E3 or E5 license. 
+
+This shift enables organizations to eliminate complex and costly SEG deployments, redirecting a fraction of that budget to integrate lightweight solutions that effectively address the most dangerous phishing threats. Cloudflare Email Security provides an integrated, low-touch solution that augments Microsoft 365 using machine learning threat analysis to automate the detection of BEC and multi-channel attacks.

src/content/docs/learning-paths/secure-o365-email/concepts/prevent-phishing-attack.mdx

@@ -0,0 +1,10 @@
+---
+title: What is Cloudflare?
+pcx_content_type: overview
+sidebar:
+  order: 2
+---
+
+import { Render } from "~/components"
+
+<Render file="what-is-cloudflare" product="fundamentals" />

src/content/docs/learning-paths/secure-o365-email/concepts/protect-from-phishing-attacks.mdx

@@ -0,0 +1,10 @@
+---
+title: What is Email Security?
+pcx_content_type: overview
+sidebar:
+  order: 4
+---
+
+Despite email's importance as a communication method, security and privacy were not built into the [The Simple Mail Transfer Protocol (SMTP) protocol](https://www.cloudflare.com/learning/email-security/what-is-smtp/). As a result, email is a major attack vector. 
+
+Email security is the process of preventing [email-based](https://www.cloudflare.com/learning/email-security/what-is-email/) cyber attacks and unwanted communications. It spans protecting inboxes from takeover, protecting domains from [spoofing](https://www.cloudflare.com/learning/ssl/what-is-domain-spoofing/), stopping [phishing attacks](https://www.cloudflare.com/learning/access-management/phishing-attack/), preventing fraud, blocking [malware](https://www.cloudflare.com/learning/ddos/glossary/malware/) delivery, and filtering [spam](https://www.cloudflare.com/learning/email-security/how-to-stop-spam-emails/). 

src/content/docs/learning-paths/secure-o365-email/concepts/what-is-cloudflare.mdx

@@ -0,0 +1,12 @@
+---
+title: What is a phishing attack?
+pcx_content_type: overview
+sidebar:
+  order: 3
+---
+
+[Phishing](https://www.cloudflare.com/en-gb/learning/access-management/phishing-attack/) is an attempt to steal sensitive data, typically in the form of usernames, passwords, or other important account information. The phisher either uses the stolen information themselves (for instance, to take over the user's accounts with their password), or sells the stolen information.
+
+Phishing attackers disguise themselves as a reputable source. With an enticing or seemingly urgent request, an attacker lures the victim into providing information, just as a person uses bait while fishing.
+
+Phishing often takes place over email. Phishers either try to trick people into emailing information directly, or link to a webpage they control that is designed to look legitimate (for instance, a fake login page where the victim enters their password).

src/content/docs/learning-paths/secure-o365-email/concepts/what-is-email-security.mdx

@@ -0,0 +1,38 @@
+---
+title: Manage your active directory
+pcx_content_type: how-to
+sidebar:
+  order: 2
+---
+
+Directories are folders to store user data. Email Security allows you to manage directories from the Cloudflare dashboard.
+
+To manage a Microsoft directory:
+
+1. Log in to [Zero Trust ](https://one.dash.cloudflare.com/).
+2. Select **Email security**.
+3. Select **Directories**.
+4. Under **Directory name**, select **MS directory**.
+5. From here, you can manage **Groups** or **Users** directories.
+
+Email Security allows you to view and manage your groups directory and their [impersonation registry](/cloudflare-one/email-security/detection-settings/impersonation-registry/). 
+When a group is added to the registry, all members are registered by default.
+
+To manage your group directory, on the **MS directory** page, select **Groups**.
+
+To add a single group to the registry:
+
+1. Select the group name you want to add.
+2. Select the three dots > **Add to registry**.
+
+To add multiple groups to the registry at once:
+
+1. Select the group names you want to add to the registry.
+2. Select the **Action** dropdown list.
+3. Select **Add to registry**.
+
+In addition, Email Security allows you to:
+
+- [Remove groups from the registry](/cloudflare-one/email-security/directories/manage-ms-directories/manage-groups-directory/#remove-groups-from-registry).
+- [Filter the impersonation registry](/cloudflare-one/email-security/directories/manage-ms-directories/manage-groups-directory/#filter-impersonation-registry).
+- [Manage users in your directory](/cloudflare-one/email-security/directories/manage-ms-directories/manage-users-directory/).