Windows Defender Advanced Threat Protection (ATP) is a cloud based service that uses machine learning, big data, and analytics to provide enterprise customers the ability to detect, track, resolve, and investigate security concerns/issues within their networks.
Enterprise and business customers gained access to Windows Defender ATP features when the Anniversary Release of Windows 10, which was recently designated as the new Current Branch for Business by Microsoft, was released in August of this year.
Those same users will see further enhancements to this capability in the upcoming Creators Update expected in March 2017.
A new white paper from Microsoft, just made available this week, provides background and other insight into the security service and how customers can take advantage of this cloud powered service.
According to Microsoft, some of the benefits behind Windows Defender ATP include:
- It’s easy to deploy and manage. Windows Defender ATP uses a built-in agent in Windows 10 that makes it easy to onboard employee devices, or endpoints; it required no on-premises infrastructure.
- It has improved connectivity. Windows Defender ATP is an always-on service for our always connected devices.
- It’s scalable. We’ve onboarded data from more than 500,000 devices, and the Windows Defender ATP service grows as our needs grow.
- It gives us precision alerting. Windows Defender ATP provides intelligent, actionable alerts fueled by Microsoft security experts.
- It gives us the ability to perform faster triage. Windows Defender ATP enables rapid host triage and provides deep event timeline for investigations.
- It’s more efficient. Windows Defender ATP enables focused response and enterprise threat containment.
The document goes on to cover the following subject areas:
- Monitoring at scale
- Advanced adversaries
The role of Windows Defender ATP
- Windows Defender ATP service architecture
- Onboarding client devices
- Microsoft threat intelligence
- Dedicated and secure Windows Defender ATP cloud environment
- Windows Defender ATP portal
The document wraps up with the benefits of Windows Defender ATP and all of this paper makes a good starting point for discussing your own companies threat posture including the tools you use to mitigate any possible threats and breaches when they occur.
Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!