Those who are using Windows 10 PC will be quite familiar with Windows Defender, the inbuilt anti-virus program from Microsoft exclusively for Windows 10. Today Microsoft has announced a new service Windows Defender Advanced Threat Protection.
Day by day we are hearing cyber attacks around the world. And it not at all decreasing, but increases everyday in all factors. Already Windows Defender is playing a crucual role to protect their valuable data for customers using W10 PC. With the Advanced threat protection customers will be more secured.
Here’s how the Windows Defender Advanced Windows Threat Protection works:
From Windows Blog:
1) Detects Advanced Attacks provides key information on who, what, and why the attack happened. Sophisticated threat intelligence enables attack detection, informed by the world’s largest array of sensors and expert advanced threat protection, including a team of experts at Microsoft and expert security partners.
Windows Defender Advanced Threat Protection is powered by a combination of Windows behavioral sensors, cloud based security analytics, threat intelligence, and by tapping into Microsoft’s intelligent security graph. This immense security graph provides big-data security analytics that look across aggregate behaviors to identify anomalies – informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day.
This data is then augmented by expertise from world-class security experts and advanced threat protection Hunters from across the globe, who are uniquely equipped to detect attacks.
2) Response Recommendations. The service’s security operations data provides an easy way to investigate alerts, explore the entire network for signs of attacks, examine attacker actions on specific devices, and get detailed file footprints from across the organization to recommend responses.
With time travel-like capabilities, Windows Defender Advanced Threat Protection examines the state of machines and their activities over the last six months to maximize historical investigation capabilities and provides information on a simple attack timeline. Simplified investigation tools replace the need to explore raw logs by exposing process, file, URL and network connection events for a specific machine or across the enterprise.
And, a cloud-based detonation service enables files and URLs to be submitted to isolated virtual machines for deep examination. In the future, Windows Advanced Threat Protection will also offer remediation tools for affected endpoints.
3) Complements Microsoft Advanced Threat Detection Solutions. Because Windows Defender Advanced Threat Protection is being built into Windows 10, it will be kept continuously up-to-date, lowering costs, with no deployment effort needed. Powered by a cloud backend, no on premise server infrastructure or ongoing maintenance is required. It complements email protection services from Office 365 Advanced Threat Protection and Microsoft Advanced Threat Analytics.
We are not sure when Microsoft has planned to roll out this advanced Windows Defender, but it will be broadly available by later this year..