query MC226683 Secure by Default - honoring ATP detonations

ExMSW4319, thanks, responding to each of your questions below:

1. Yes, this is correct - please ask questions here in the MDO community. Office ATP is now Microsoft Defender for Office 365.
2. Because Microsoft wants to keep our customers secure by default, some tenants overrides are not applied for malware or high confidence phish. These overrides include: Allowed sender lists or allowed domain lists (anti-spam policies), Outlook Safe senders. Phishing email identified as "high confidence" will be handled according to the anti-spam policy action.  For additional details, please see Secure by default in Office 365 - Office 365 | Microsoft Docs
3. In such cases, please utilize admin submissions. For details, please refer to Admin submissions - Office 365 | Microsoft Docs.