Last year, Microsoft announced a new service called Windows Defender Advanced Threat Protection that helps enterprises detect, investigate, and respond to advanced attacks on their networks. With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations. Microsoft today announced new improvements that are coming to Windows Defender ATP.
With the upcoming Windows 10 Creators Update, Microsoft will allow organizations to add customized detection rules and will provide the ability to perform ‘time travel’ detections, running every new detection added across six months of historical data. Microsoft is also integrating security events and alerts from across the Windows security stack, starting with Windows Defender Antivirus in ATP. This will help customers check their malware reports and security events in one place. Microsoft is also planning to bring WDATP support to additional platforms, starting with Windows Server.
Microsoft today also highlighted that System Center Endpoint Protection received high marks, with 100% on zero-day, web- and email-based threat testing and 98.6% on malware and prevalent malware testing.