Windows Defender Advanced Threat Protection (Windows Defender ATP): the expanded security solution protects business users from complex threats. The new features of the service are in the Windows Defender ATP Creators Update preview, as the Microsoft Secure blog explains. Microsoft has explained the innovations of the upcoming Windows Creators Update. According to the company, it improves detection through memory and kernel sensors, "to bring light into places where attackers previously hid in the dark from conventional detection tools". This new technology has already been successful against zero-day attacks on Windows.
The observation of behaviour patterns, together with machine learning, is meant to continuously optimize the detection of ransomware and other advanced attacks in order to respond to changing attack trends. New detection rules can be applied to up to six months of stored data to track down previously unnoticed attacks. Microsoft's customers can add their own detection rules to the detection library.
The integration of various Windows security tools into the Windows Defender ATP portal is meant to provide more clarity. Windows Defender Antivirus detections and Device Guard measures are thus visible together with ATP detections. Because various detections and related events are aggregated in one view, security staff can resolve problems faster without losing sight of current security alerts.
The user entity page shows all important insights about a particular user. Alerts are compiled across computers and make it possible to track attackers across the network. When an attack is detected, security teams can take immediate action: isolate the affected machines, keep files off the network, and terminate processes or quarantine them.
Windows Defender Advanced Threat Protection, developed under the code name Seville, goes far beyond the previous functionality of Windows Defender. It is meant to help companies identify threats that have overcome other security measures, and to give users tools at hand to investigate security vulnerabilities, along with recommendations for action. The service combines sensors for endpoint behaviour, cloud security analysis and threat detection.