Microsoft today announced Windows Defender Advanced Threat Protection for enterprise customers to detect, investigate, and respond to advanced attacks on their networks. It will help detect attackers and threats, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations. “This provides a new post-breach layer of protection to the Windows 10 security stack,” said Microsoft.
Highlights Windows Defender Advanced Threat Protection
- Detects Advanced Attacks provides key information on who, what, and why the attack happened.
- Powered by a combination of Windows behavioral sensors, cloud based security analytics, threat intelligence, and by tapping into Microsoft’s intelligent security graph that provides big-data security analytics that look across aggregate behaviors to identify anomalies – informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day.
- Response Recommendations. The service’s security operations data provides an easy way to investigate alerts, explore the entire network for signs of attacks, examine attacker actions on specific devices, and get detailed file footprints from across the organization to recommend responses.
- Complements Microsoft Advanced Threat Detection Solutions.
- Powered by a cloud backend, no on premise server infrastructure or ongoing maintenance is required. It complements email protection services from Office 365 Advanced Threat Protection and Microsoft Advanced Threat Analytics.
Microsoft said that Windows Defender Advanced Threat Protection is already live with early adopter customers.