The explosive growth in the scale and sophistication of cyberthreats is remaking the security landscape. Today, it’s not a matter of if your organization’s data will be compromised, but a matter of when. Having a proactive protection strategy that includes pre- and post-breach components is critical to addressing advanced attacks.
Fortunately, Windows 10 has comprehensive pre-breach solutions, and with Windows Defender Advanced Threat Protection (ATP) we added a post-breach layer to the Windows Security stack. And the best part? Windows Defender ATP is built in to Windows 10 and designed to provide the best performance experience on your machine. It doesn’t require any additional software deployment and management.
So do you want the good news or the bad news?
Well, here’s the outcome: New hacking techniques are multiplying exponentially and old pre-breach detection techniques can’t keep up. The numbers are alarming—on average it takes an attacker minutes to get in, and security teams more than 140 days to discover it.
With the release of Windows 10 Anniversary Update, Microsoft offers Windows Defender ATP to complement the existing endpoint security stack of Windows Defender, SmartScreen, and various OS hardening features. The new service, purposely built to detect and respond to advanced attacks, leverages a deep behavioral sensor integrated into Windows 10 combined with a powerful security analytics cloud back end to enable enterprises to detect, investigate, and respond to targeted and sophisticated advanced attacks on their networks.
Next-level protection: Post-breach detection and response
Windows Defender ATP goes wide and deep, working to cover all your bases, with a focus on post-breach challenges. It’s like having a black belt team of security defense experts supporting every machine running Windows 10.
Advanced attack detection. Microsoft makes the most of its strong security analytics and rich intelligence capabilities to provide visibility into anomalies and threats from a broad base of sources. We also leverage the Microsoft Security Intelligence Graph to cull data from Windows updates and search engine results that index billions of URLs to generate potential hack alerts immediately.
Investigation and response. The portal gives SecOps tools and capabilities to investigate and respond to threats on their endpoints. You can also proactively explore your network for signs of attacks, perform forensics on specific machines, track attacker actions across machines in your network, get a detailed file footprint across your organization, submit a file for deep analysis, and with the Creators Update isolate machines, kill processes, or ban files from your network.
Threat intelligence. Get internal and external reports and indicators for known attackers and prominent attacks (Strontium, for example), validated and enriched by an internal team of security black belts and third-party feeds. With the Creators Update, you can add your own TI to define alerts unique to your environment within Windows Defender ATP, based on IOCs.
Windows 10 and Windows Defender ATP help give you the best defense and offense when it comes to potential and actual data breaches. Learn more by downloading the ebook now.
Discover more about how this new strategic approach can make a real difference at Microsoft Secure.
from Microsoft Secure Blog Staff