Microsoft Presents Defender's Advanced Threat Protection

Status
Not open for further replies.

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
94L1BJ4.png






Today's announcement builds on security features that the company unveiled at its Ignite 2016 conference, which include Defender Advanced Threat Protection (ATP) and Office ATP being able to communicate with one another through the Windows Security Center. This will allow IT admins to "easily follow an attack across endpoints and email in a seamless and integrated way."

  • Enriched Detection. As I’ve said before, methods and means attackers use are increasingly varied, complex and well-funded. The sensors we have today across the network traffic channeled through end points and the cloud are powerful. However, cyber threats won’t stop, and neither will we. With the Creators Update we will expand Windows Defender ATP sensors to detect threats that persist only in memory or kernel level exploits. This will enable IT administrators to monitor loaded drivers and in-memory activities, and to detect various patterns of injection, reflective loading, and in-memory modifications indicating potential kernel exploits.

  • Enriched Intelligence. We already add on to our Microsoft Threat Intelligence (TI) with industry partners like FireEye iSIGHT Threat Intelligence. In the Creators Update, we’ll enable IT administrators to feed their own intelligence into the Windows Security Center for alerts on activities based on their own indicators of compromise. This added level of insight will enrich machine learning models to identify and block malware more quickly and better protect their unique environment.

  • Enhanced Remediation. We will also deliver new remediation actions in Windows Defender ATP that will give IT administrators the tools to isolate machines, collect forensics, kill and clean running processes and quarantine or block files with a single click in the Windows Security Center and further reduce response time.

From Neowin
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
This sounds way too cool to be truth. Someone bring me back to reality please.
+1
I wonder whether this will find it's way into Windows Defender for Home / Pro Win10, too. Some mechanical protection features for WD wouldn't be of harm, too. Like HIPS / BB. In case the improved detection ratio fails.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
+1
I wonder whether this will find it's way into Windows Defender for Home / Pro Windows 10, too. Some mechanical protection features for WD wouldn't be of harm, too. Like HIPS / BB. In case the improved detection ratio fails.
If MS made a BB it would be the BB you want. They have access to everything and can make the OS behave like they wish to help. MS is the only one that could potentially own the anti malware business but they don't seem to want to do it.
 

Der.Reisende

Level 45
Honorary Member
Top Poster
Content Creator
Malware Hunter
Dec 27, 2014
3,423
If MS made a BB it would be the BB you want. They have access to everything and can make the OS behave like they wish to help. MS is the only one that could potentially own the anti malware business but they don't seem to want to do it.
Yes, I agree with you! I think the problem is they rather would, however they'd get sued all the way down, like they were in Europe with boosting the use of IE by not offering alternatives on stock installations.
https://gizmodo.com/5988837/the-eu-just-fined-microsoft-730m-over-its-browser-monopoly
However, this time, probably by not only the EU.
 

SHvFl

Level 35
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Nov 19, 2014
2,342
It initially was going to be released for business users, it would be great if they change their mind and bring those features to home users as well
They added pro which is something. Don't expect them to give it to home. They don't even give group policy in home. Home is the poor relative to their lineups in the eyes of MS.Just so they can be added to all those pre made builds(laptop/desktops) for a profit to both MS and manufactures.
At least this is how i see it.
 
M

MalwareBlockerYT

GUI should be the least important thing for security software. But anyway, Microsoft is ready to update Windows Defender GUI in Creators Update

chrome_2016-10-27_08-55-19-1024x541.0.jpg
I agree that the GUI is the least important thing but there's no reason to ditch 3rd party AVs when they have a better GUI, better performance, better detection rate, more extra features, etc...

Yes Microsoft may be upping their claim but can they up their game? Will they ever produce as good of an AV as Emsisoft or Kaspersky, Bitdefender, etc?

The new GUI does look slightly better though.
 

In2an3_PpG

Level 18
Verified
Top Poster
Content Creator
Well-known
Nov 15, 2016
867
I agree that the GUI is the least important thing but there's no reason to ditch 3rd party AVs when they have a better GUI, better performance, better detection rate, more extra features, etc...

Yes Microsoft may be upping their claim but can they up their game? Will they ever produce as good of an AV as Emsisoft or Kaspersky, Bitdefender, etc?

The new GUI does look slightly better though.

I don't know if Microsoft would be allowed to improve Defender to be like the three you mentioned. If they were then why would anyone need to leave Defender and purchase or use a 3rd party av when Defender comes with the OS. That would probably make the industry very upset and make Microsoft look like a monopoly. 3rd party AVs would then start losing a lot of money. Then governments would get involved.

Personally though i don't really have any problem with the current GUI. The new one looks alright.
 
M

MalwareBlockerYT

I don't know if Microsoft would be allowed to improve Defender to be like the three you mentioned. If they were then why would anyone need to leave Defender and purchase or use a 3rd party av when Defender comes with the OS. That would probably make the industry very upset and make Microsoft look like a monopoly. 3rd party AVs would then start losing a lot of money. Then governments would get involved.

Personally though i don't really have any problem with the current GUI. The new one looks alright.
The new GUI looks better in my opinion but bland. Microsoft seems to like the colour grey - Windows 10 Settings, new Windows Defender GUI, etc are all either grey, blue or white. I like the colours on the OS but the Defender GUI looks like they've wasted a lot of space & it looks plain & simple. I feel as though they should actually add an image or something next to the "Windows Defender Protecting Is Your Computer" otherwise it will be the first AV ever to not have a green tick saying "You are protected!"...
 
W

Wave

I agree that the GUI is the least important thing but there's no reason to ditch 3rd party AVs when they have a better GUI, better performance, better detection rate, more extra features, etc...
The extra features aren't essential. What is essential is basic real-time/on-demand scanning, and as long as you use the existing built-in Windows security like UAC/SmartScreen correctly and are careful online then you don't need an expensive AV with loads of fancy features. Even if you are using Kaspersky or Emsisoft, you may believe you are better protected, but most infections 9/10 involve additional user-intervention and if the user is being dumb and allowing things or doesn't know how to work a product correctly or is just not using safe practises then they'll be infected no matter what security they are using.

Windows Defender + UAC + SmartScreen + common sense = 10x better than using any other AV/IS product you'll find, because using another one won't make you more full-proof. Having fancy features like BB/HIPS, sandboxing, etc may not make a difference... User downloads malware -> becomes sandboxed -> so they execute out of the sandbox... (after all, they did download and try to run it). Now apply the same for BB/HIPS -> they allow because they wanted to run it... Now they become infected anyway.

They can't make a product like Emsisoft has because it'd remove the freedom that we as users have on Windows. Users who use WD don't need HIPS alerts and to be confused with fancy features... MS are just providing good essentials which can be used like UAC/SmartScreen which are great alone if used in combination, plus basic security which is sufficient enough to be a backup friend. :)
 

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
This sounds way too cool to be truth. Someone bring me back to reality please.

Whats reality? Marketing 101 taught me, you must believe in the product and your imagination of what it is capable of therefore you are not blowing smoke out of your behind. I didn't believe therefore I am repeating the class =P -Joking, I passed it easily!!!!
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top