Skip to main content

Microsoft announces enhanced Windows Defender threat protection for enterprise

Windows Defender
Windows Defender (Image credit: Windows Central)

Microsoft has announced the next step the company has taken to offer enhanced security for enterprise. Called Windows Defender Advanced Threat Protection, this new service will aid enterprise customers in detecting, investigating and responding to advanced attacks on network infrastructure.

From the company's rather in-depth blog post:

"Building on the existing security defenses Windows 10 offers today, Windows Defender Advanced Threat Protection provides a new post-breach layer of protection to the Windows 10 security stack. With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations."

Initial shielding comes from "the world's largest array of sensors" to enable threat protection that provides information on who, what and why an attack occurred. It's quite the operation, taking into account vast amounts of data accumulated which is then augmented by experts and "hunters" to detect said attacks.

"Windows Defender Advanced Threat Protection is powered by a combination of Windows behavioral sensors, cloud based security analytics, threat intelligence, and by tapping into Microsoft's intelligent security graph. This immense security graph provides big-data security analytics that look across aggregate behaviors to identify anomalies – informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day."

Once an attack has been detected, the Windows Defender Advanced Threat Protection service will the provide detailed analysis as well as recommendations on how to most effectively respond. Files and URLs can even be submitted to isolated virtual instances for further examination.

The best part of this new service for enterprise is how it's being built into Windows 10 and thus eliminates any costs and potential issues with deployment. It's also complimentary to existing Microsoft security services, like those found in Office 365 and Microsoft Advanced Threat Analytics. More details can be found on the official blog post.

Rich Edmonds
Senior Editor, PC Build

Rich Edmonds is Senior Editor of PC hardware at Windows Central, covering everything related to PC components and NAS. He's been involved in technology for more than a decade and knows a thing or two about the magic inside a PC chassis. You can follow him over on Twitter at @RichEdmonds.

8 Comments
  • How about making Defender better? It is still way behind competition. But apparently you get what you pay for.
  • Waiting for this article.
    "Microsoft announces Windows 10 Mobile for older Lumia devices"
  • Yes..true..good comment ever..
  • Yes, I've been waiting since October 2015
  • Last spring talk was about late summer so late summer 2016 is a go :)
  • Yes thank you lol
    But I don't suppose it is ready yet, looking at all the complaints about w10m from people with newer devices like 730, 1520, 930 or even the 950. Long road ahead I guess...
  • I wonder how much different this will really be to Windows Defender - They had "Endpoint Protection" in Windows 7,8,8.1 that came with inTune, which was Microsoft Security Essentials. With Windows 10 inTune just used Defender that comes with Win10 up until now, so I guess this will replace "plain old Defender" I was never able to really find out what the difference was between MSA and EndPoint Protection (via inTune) or whether they just did the exact same job, with the exact same definition files.
  • I truly hope Microsoft can bolster Windows' security and the public perception of Windows machines by getting truly serious about Windows Defender. They can work with or shutout other AV vendors and stop making Windows Security an optional part of their OS. Windows has improved a lot over the years but the recent, persistent string of ransomware attacking machines is concerning. Hope they can get this all figured out and make their platform stronger.