What can you tell me about Microsoft's new Windows Defender Advanced Threat Protection? I know Windows Defender...
isn't an enterprise-ready antimalware tool, but how is this new release different from the standard Windows Defender tool?
Microsoft's new Windows Defender Advanced Threat Protection started out as Giant antispyware in 2004, which included unique functionality like innovative neighborhood watch. Windows Defender has advanced significantly and is now included by default in Windows, but there have been concerns about how it can be used in enterprises, including questions about the configurability of the Windows Defender tool and specifically how the definition updates aren't configurable. Some enterprises want to test malware definition updates to ensure legitimate files and applications aren't disrupted, as they have caused problems in the past for antimalware tools.
The new version of Windows Defender Advanced Threat Protection has features to appeal to enterprises to build on Microsoft System Center 2012 R2 Endpoint Protection. It now has functionality for controlling when definitions are updated, along with other reporting and alerting functionality for monitoring your environment.
Windows Defender Advanced Threat Protection is powered by Windows behavioral sensors, cloud-based security analytics, threat intelligence and machine learning. It has improved incident response functionality where a network of managed systems can be investigated looking for signs of an attack, so an enterprise could determine how to respond to an attack. Windows Defender Advanced Threat protection also has functionality to examine the state of a system over the previous six months to help provide additional context.
Ask the Expert: Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Find out what Windows Defender's pros and cons are
Learn about the best antimalware alternatives to Windows Defender
Discover how to stop Vonteera adware from disabling antimalware
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with ... Continue Reading
Cybersecurity vendor Wordfence reported a rise in scans for SSH private keys that are often accidentally exposed to the public. Learn how to stay ... Continue Reading
The SANS Internet Storm Center discovered a DDE attack spreading Locky ransomware through Microsoft Word. Learn what a DDE attack is and how to ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.