Microsoft’s Protection Service Turns Into an Enterprise Windows Defender Advanced Threat Protection
Microsoft has announced a new Windows Defender Advanced Malware Protection service. According to Microsoft’s announcement, the service is described as “a combination of client technology built into Windows 10 & a robust cloud service.” These services are also available for consumers’ PCs and ship with the company’s Windows 10 OS.
This is a big step for the reliable, conventional Windows Defender consumer utility that is used to check Windows clients for malware.
Microsoft has now added new features to the software, turning it into a service that can help enterprises find unusual system activity and alert them to attacks on their networks. This service is built into the Windows 8 and Windows 10 OS as a replacement for the Microsoft Security Essentials consumer antimalware service. According to Microsoft, it currently offers antimalware protection across nearly “300 million devices.”
The new Microsoft threat protection does not look at everything in large organizations; it looks only for suspicious system activity in a corporate environment. As we all know, attackers now use social engineering tricks to run malicious programs that can bypass older anti-malware software. Advanced Threat Protection does not guarantee protection from attacks, but it can quickly alert organizations to a security failure.
Following Microsoft’s announcement of Windows Defender Advanced Threat Protection, organizations used this new service as a public-service program for consumers. It is currently used by Microsoft itself, but it will soon be adopted by many other companies, such as Avanade.
The protection service does not yet appear to be broadly available. A Microsoft spokesperson said by email that it will be available "in the coming months" for Windows Insider Program Windows 10 testers. The solution isn't available for Windows 7 or Windows 8.1, as it was "specifically built into Windows 10."
According to the Microsoft Corporation,
There was no need to explain any additional cost of this service, because for consumers Windows Defender is a free service.
Attackers now have plenty of time to steal data and cause disruption in the corporate network, because it typically takes an enterprise more than 200 days to detect a security threat and 80 days to contain it.
Windows Defender Advanced Threat Protection is being positioned as a post-breach solution, and it is powered by a combination of Windows behavioral sensors, cloud-based security analytics, and threat intelligence. It also uses Microsoft’s machine learning capabilities to better detect past attacks from a system's abnormal behavior.
The Windows Defender Advanced Threat Protection service can also recommend responses to organizations, such as how to handle security threats.
Terry Myerson, an executive vice president of the Microsoft Windows and Devices Group, says that Windows Defender Advanced Threat Protection will provide a new "post-breach" feature that detects attacks using machine learning. It can quickly identify whether any system has been compromised. It immediately provides protection to the client’s computer and can also detect a PC's breach status going back up to six months. It also promises to eliminate the plodding work of combing through logs.
According to Microsoft’s explanation, "Simplified investigation tools replace the need to explore raw logs by exposing process, file, URL and network connection events for a specific machine or across the enterprise." It added that a future release of the service will include "remediation tools for affected endpoints."
Microsoft's big data analysis provides the capability to detect breaches. Microsoft describes its "intelligent security graph" as an immense security graph that provides big-data security analytics, looking across aggregate behaviors to identify anomalies, informed by anonymous information from over 1 billion Windows devices, 2.5 trillion indexed URLs on the Web, 600 million reputation look-ups online, and over 1 million suspicious files detonated every day.
As mentioned, it is powered by cloud-based security analytics, so the service isolates files and URLs on a virtual machine for analysis. It also has a "cloud-based detonation service" for testing breaches.
Microsoft says that Advanced Threat Protection is an Exchange Online service that went live in June. It offers additional security protections for e-mail attachments and scanning for malicious URLs, and it also has a trace capability for analytics.
More information about Windows Defender Advanced Threat Protection is available over at Microsoft’s Windows Blog.
Source: Windows Blog