The Dashboard of Advanced Threat Protection (ATP) Platform does not show as many Malicious events for Email as the Email Track and Trace tool within Email Security.cloud shows messages for Anti-Malware service for the same date.
Within ATP Platform UI, Synapse is activated.
Within ATP Platform UI, Email Security.cloud correlation is enabled.
To confirm whether ATP UI receives all Anti-Malware service events for a given date
gather_logs", then contact support for further assistance.
To enumerate events for Anti-Malware service with Email Track and Trace in the Email Security.cloud portal