Microsoft Presents Defender's Advanced Threat Protection

[HarborFront]

ATP? A better term for real-time protection, no? And the firewall provided will still have no outbound notifications unless you go deep inside to set it. Lastly, the protection offered by Windows Defender will still be inferior as compared to competitors like Kaspersky, BitDefender, Norton, Emsisoft, ESET etc

MS just put all the components into a single GUI and calls it ATC

 

[AtlBo]

Windows Defender + UAC + SmartScreen + common sense = 10x better than using any other AV/IS product you'll find, because using another one won't make you more full-proof. Having fancy features like BB/HIPS, sandboxing, etc may not make a difference...

Yes Wave, but what about AV/IS + sandbox + (anti-executable?) + common sense vs Windows Defender + UAC + SmartScreen + common sense? Users still have to choose with the Windows setup too correct? No common sense in either setup is a tie is it not and failure either way? Or would the odds would be better that I won't override UAC + SmartScreen to make my decision vs overriding AV/IS + sandbox? Anyway, I feel we should at least be careful to add common sense to both scenarios before comparing. Also, many users use 3rd party security and UAV and SmartScreen.

We could add so many layers to this thinking. I think MS is fooling itself if they believe they will overcome the entire PC security industry with anything. I don't see how.

User downloads malware -> becomes sandboxed -> so they execute out of the sandbox... (after all, they did download and try to run it). Now apply the same for BB/HIPS -> they allow because they wanted to run it... Now they become infected anyway.

Same with Windows security (maybe even Windows users more likely to approve UAC/WD/SmartScreen) as with 3td party security, except that it isn't in the sandbox to have to retrieve it and think more about running it. Main thing for me is that users can 100% trust their security provider without question and that the software is of highly intelligent design. This should be sufficient I believe. There certainly is much room for improvement I suppose.

One thing on MS protecting networks. This seems as it may be too little too late from MS. Not that it's a bad idea, but it looks strained and underwhelming in scope, and I can only imagine what is brewing within the 3rd party software providers for far more extensive solutions. +0 for this for MS imo. Way overdue. Where was the support before for the Target breach and on and on and on with all the others? There could have been much more done for network managers imo.

 

[motox781]

It's good to see Defender getting some much needed love. Over the years, Microsoft has back themselves into a corner...but are working themselves out with Windows 10. I don't know much about the deep security features of Windows 10, but I know that it is stronger than previous OSes Microsoft has released. Updates to Sandboxing, Smartscreen, UAC, Defender and I'm sure much more has strengthened Windows 10 to the point were you see heavy marketing with 3rd party AVs now (ADs, leftover scanners, emails, webpage advertising, deals, questionable renewal policies, etc). It makes you wonder if 3rd party AVs feel a hit (Windows 10 in general getting more secure and less of a need for 3rd party AVs). Or maybe the PC market decline is causing them to lose market share. Maybe both.

I don't think we will ever see more features that increases user input in Windows 10+. Every product or enhancement from Microsoft for home users is carefully crafted to make sure the user is not bombarded with too many decisions. And that is the best direction to take IMO. Technologies have to become smarter. Being able to out-smart even the best of us. Automated security (next-gen or whatever you want to call it) that finds security issues and corrects them quietly...on top of a more secure OS. That seems like the direction the general home user market is going.

 

[DJ Panda]

ATC? A better term for real-time protection, no? And the firewall provided will still have no outbound notifications unless you go deep inside to set it. Lastly, the protection offered by Windows Defender will still be inferior as compared to competitors like Kaspersky, BitDefebder, Norton, Emsisoft, ESET etc

MS just put all the components into a single GUI and calls it ATC

True I agree with you but majority of the ones you mentioned have to be paid for. MSE was free and WD is free. Honestly, I would probably put Kaspersky as one of the high paid solutions but I use things like Avast Free. (WD pretty good it seems) I tried running BD in a VM and it didn't end well. It's better to use the tools we are given first, then see if they are able to be used well enough and if that doesn't work put the effort in to get better things.

 

[HarborFront]

True I agree with you but majority of the ones you mentioned have to be paid for. MSE was free and WD is free. Honestly, I would probably put Kaspersky as one of the high paid solutions but I use things like Avast Free. (WD pretty good it seems) I tried running BD in a VM and it didn't end well. It's better to use the tools we are given first, then see if they are able to be used well enough and if that doesn't work put the effort in to get better things.

Well, let's see when the ATP is out and the reviews and testings that accompany it with comparison against its competitors to see whether WD does improve

 

[Lucent Warrior]

If one was to take a good long gander at the users making youtube videos and testing in forums, one would see they all pretty much share something in common if testing on Windows 10... They need to (Disable windows 10 built in security) in order to test. <<<<< Please be sure to let the text in parenthesis sink in deeply for a moment.

Windows Defender is quite good now days as it is especially combined with its counterparts of Smartscreen & UAC and of course AppContainer. A few more steps in the right direction and there would be no need for 3rd party security.

 

[Antimalware18]

Microsoft stepping up their antimalware game?

Hmmm....interesting. Lets see how big their guns are.

 

[Neno]

No one can match their guns, though Anti-Monopoly Commission can ban them, or at least cut their ammunition.

 

[TheMalwareMaster]

Seems a nice addiction, maybe home users will have benefits also because Microsoft will be faster to add signatures from malware coming from business machines, and because of that, the whole detection from home machines will go up

 

[Windows_Security]

Windows Defender on Windows 10 QUESTION

A friend of mine got a new PC because he will be not be working for some time (he is so lucky to recover from cancer). He has a Windows 10 Pro, so I added some group policies templates to harden his Office 2010 installation.

Accidentally I was looking at Windows Defender settings and I noticed a new feature (at least for me it is new, running without AV). See picture.

It seems that Smartscreen Desktop whitelist is integrated in Cloud part of Windows defender, because it seems to have a "block at first sight" option. Is this correct assumption (when not in WD blacklist, it will be blocked when not in Smartscreen Whitelist at M$ servers).

Like Smartscreen it needs to know what programs I am running/starting (telemetry).