What you need to know
- Tamper protection detects when an attempt is made to alter security settings.
- Tamper protection is now available in Windows 10 Home and for organizations through Microsoft Intune.
- The feature has been in testing through Insiders since earlier this year but is now generally available.
In a techcommunity post, Microsoft breaks down how tamper protection works and what it aims to stop. The post lists five examples of what tamper protection accomplishes:
- Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next generation protection and should rarely, if ever, be disabled
- Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before-seen malware within seconds
- IOAV (IE Downloads and Outlook Express Attachments initiated), which handles the detection of suspicious files from the Internet
- Behavior monitoring, which works with real-time protection to analyze and determine whether active processes are behaving in a suspicious or malicious way, and then blocks them
- Security intelligence updates, which Windows Defender Antivirus uses to detect the latest threats
For Windows 10 Home users, tamper protection will be turned on by default. The feature is being turned on gradually. Users can use the Windows Security app to review or change settings for tamper protection.
Organizations can deploy tamper protection through MIcrosoft Intune. Organizations can enable the feature for an entire organization or individual devices and user groups.
LATEST ARTICLES
