What can you tell me about Microsoft's new Windows Defender Advanced Threat Protection? I know Windows Defender...
isn't an enterprise-ready antimalware tool, but how is this new release different from the standard Windows Defender tool?
Microsoft's new Windows Defender Advanced Threat Protection started out as Giant antispyware in 2004, which included unique functionality like innovative neighborhood watch. Windows Defender has advanced significantly and is now included by default in Windows, but there have been concerns about how it can be used in enterprises, including questions about the configurability of the Windows Defender tool and specifically how the definition updates aren't configurable. Some enterprises want to test malware definition updates to ensure legitimate files and applications aren't disrupted, as they have caused problems in the past for antimalware tools.
The new version of Windows Defender Advanced Threat Protection has features to appeal to enterprises to build on Microsoft System Center 2012 R2 Endpoint Protection. It now has functionality for controlling when definitions are updated, along with other reporting and alerting functionality for monitoring your environment.
Windows Defender Advanced Threat Protection is powered by Windows behavioral sensors, cloud-based security analytics, threat intelligence and machine learning. It has improved incident response functionality where a network of managed systems can be investigated looking for signs of an attack, so an enterprise could determine how to respond to an attack. Windows Defender Advanced Threat protection also has functionality to examine the state of a system over the previous six months to help provide additional context.
Ask the Expert: Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Find out what Windows Defender's pros and cons are
Learn about the best antimalware alternatives to Windows Defender
Discover how to stop Vonteera adware from disabling antimalware
Dig Deeper on Microsoft Windows security
Related Q&A from Nick Lewis
Kaspersky researchers found a new Android malware that can physically harm phones. Learn how this works and the steps to mitigate the attack with ... Continue Reading
The Zealot campaign discovered by F5 Networks uses the same Apache Struts vulnerability exploited in the Equifax breach. Learn how else it performs ... Continue Reading
Facebook Messenger is being used to reach more victims with a cryptojacking bot that Trend Micro researchers named Digimine. Learn how this bot works... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.