What can you tell me about Microsoft's new Windows Defender Advanced Threat Protection? I know Windows Defender...
isn't an enterprise-ready antimalware tool, but how is this new release different from the standard Windows Defender tool?
Microsoft's new Windows Defender Advanced Threat Protection started out as Giant antispyware in 2004, which included unique functionality like innovative neighborhood watch. Windows Defender has advanced significantly and is now included by default in Windows, but there have been concerns about how it can be used in enterprises, including questions about the configurability of the Windows Defender tool and specifically how the definition updates aren't configurable. Some enterprises want to test malware definition updates to ensure legitimate files and applications aren't disrupted, as they have caused problems in the past for antimalware tools.
The new version of Windows Defender Advanced Threat Protection has features to appeal to enterprises to build on Microsoft System Center 2012 R2 Endpoint Protection. It now has functionality for controlling when definitions are updated, along with other reporting and alerting functionality for monitoring your environment.
Windows Defender Advanced Threat Protection is powered by Windows behavioral sensors, cloud-based security analytics, threat intelligence and machine learning. It has improved incident response functionality where a network of managed systems can be investigated looking for signs of an attack, so an enterprise could determine how to respond to an attack. Windows Defender Advanced Threat protection also has functionality to examine the state of a system over the previous six months to help provide additional context.
Ask the Expert: Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Find out what Windows Defender's pros and cons are
Learn about the best antimalware alternatives to Windows Defender
Discover how to stop Vonteera adware from disabling antimalware
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to ... Continue Reading
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common... Continue Reading
A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.