update all topics with Windows 10 SKUs

2025-06-17 19:33:37 +00:00 · 2016-08-01 15:13:42 +10:00
parent 90f5d9b335
commit 33022080c4
30 changed files with 130 additions and 130 deletions
--- a/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 As a security operations team member, you can manage Windows Defender ATP alerts as part of your routine activities. Alerts will appear in queues according to their current status.
--- a/windows/keep-secure/assign-portal-access-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/assign-portal-access-windows-defender-advanced-threat-protection.md
@ -13,7 +13,10 @@ author: mjcaparas
 # Assign user access to the Windows Defender ATP portal
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Azure Active Directory
 - Office 365
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
--- a/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md
@ -14,7 +14,11 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Azure Active Directory
 - Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You need to add an application in your Azure Active Directory (AAD) tenant then authorize the Windows Defender ATP Alerts Export application  to communicate with it so that your security information and events management (SIEM) tool can consume alerts from Windows Defender ATP portal.
--- a/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You'll need to configure HP ArcSight so that it can consume Windows Defender ATP alerts.
--- a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md
@ -14,13 +14,17 @@ author: mjcaparas
 **Applies to:**
- Windows 10 Insider Preview Build 14332 or later
+- Group Policy
 - Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 > [!NOTE]
 > To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later.
-### Onboard endpoints
+## Onboard endpoints
 1.  Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from the [Windows Defender ATP portal](https://securitycenter.windows.com/):
    a.  Click **Endpoint Management** on the **Navigation pane**.
--- a/windows/keep-secure/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10 Insider Preview Build 14379 or later
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You can use mobile device management (MDM) solutions to configure endpoints. Windows Defender ATP supports MDMs by providing OMA-URIs to create policies to manage endpoints. 
--- a/windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md
@ -12,10 +12,12 @@ author: mjcaparas
 # Configure endpoints using System Center Configuration Manager
 **Applies to:**
- Windows 10 Insider Preview Build 14332  or later
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 - System Center 2012 Configuration Manager or later versions
--- a/windows/keep-secure/configure-endpoints-script-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-endpoints-script-windows-defender-advanced-threat-protection.md
@ -11,6 +11,15 @@ author: mjcaparas
 ---
 # Configure endpoints using a local script
 **Applies to:**
 - Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You can also manually onboard individual endpoints to Windows Defender ATP. You might want to do this first when testing the service before you commit to onboarding all endpoints in your network.
 ## Onboard endpoints
--- a/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-endpoints-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Endpoints in your organization must be configured so that the Windows Defender ATP service can get telemetry from them. There are various methods and deployment tools that you can use to configure the endpoints in your organization. 
--- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md
@ -15,7 +15,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report telemetry and communicate with the Windows Defender ATP service.
@ -24,95 +27,8 @@ The embedded Windows Defender ATP sensor runs in system context using the LocalS
 The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods:
 <!-- - Configure Web Proxy Auto Detect (WPAD) settings and configure Windows to automatically detect the proxy server
 - Configure the proxy server manually using Netsh-->
 - Configure the proxy server manually using a static proxy
 <!--
 ## Configure Web Proxy Auto Detect (WPAD) settings and proxy server
 Configure WPAD in the environment and configure Windows to automatically detect the proxy server through Policy or the local Windows settings.
 Enable the **Automatically detect settings** option in the Windows Proxy settings so that WinHTTP can use the WPAD feature to locate a proxy server.
 1. Click **Start** and select **Settings**.
 2. Click **Network & Internet**.
 3. Select **Proxy**.
 4. Verify that the **Automatically detect settings** option is set to On.
    ![Image showing the proxy settings configuration page](images/proxy-settings.png)
 5. If the **Use setup script** or **Manual proxy setup** options are enabled then you will need to [configure proxy settings manually by using Netsh](#configure-proxy-server-manually-using-netsh) method for WinHTTP to discover the appropriate proxy settings and connect.
 ## Configure the proxy server manually using Netsh
 If **Use setup script** or **Manual proxy setup** settings are configured in the Windows Proxy setting, then endpoints will not be discovered by WinHTTP.
 Use Netsh to configure the proxy settings to enable connectivity.
 You can configure the endpoint by using any of these methods:
 - Importing the configured proxy settings to WinHTTP
 - Configuring the proxy settings manually to WinHTTP
 After configuring the endpoints, you'll need to verify that the correct proxy settings were applied.
 **Import the configured proxy settings to WinHTTP**
 1.  Open an elevated command-line prompt on the endpoint:
    a.  Go to **Start** and type **cmd**.
    b.  Right-click **Command prompt** and select **Run as administrator**.
 2. Enter the following command and press **Enter**:
 ```text
 netsh winhttp import proxy source=ie
 ```
 An output showing the applied WinHTTP proxy settings is displayed.
 **Configure the proxy settings manually to WinHTTP**
 1.  Open an elevated command-line prompt on the endpoint:
    a.  Go to **Start** and type **cmd**.
    b.  Right-click **Command prompt** and select **Run as administrator**.
 2. Enter the following command and press **Enter**:
 ```text
 proxy [proxy-server=] ProxyServerName:PortNumber
 ```
    Replace *ProxyServerName* with the fully qualified domain name of the proxy server.
    Replace *PortNumber* with the port number that you want to configure the proxy server with.
 An output showing the applied WinHTTP proxy settings is displayed.
 **Verify that the correct proxy settings were applied**
 1.  Open an elevated command-line prompt on the endpoint:
    a.  Go to **Start** and type **cmd**.
    b.  Right-click **Command prompt** and select **Run as administrator**.
 2. Enter the following command and press **Enter**:
 ```
 netsh winhttp show proxy
 ```
 For more information on how to use Netsh see, [Netsh Commands for Windows Hypertext Transfer Protocol (WINHTTP)](https://technet.microsoft.com/en-us/library/cc731131(v=ws.10).aspx)     
 -->
 ## Configure the proxy server manually using a static proxy
 Configure a static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet.
--- a/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Windows Defender ATP supports security information and events management (SIEM) tools to consume alerts. Windows Defender ATP exposes alerts through an HTTPS endpoint hosted in Azure. The endpoint can be configured to get alerts from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for an AAD application that represents the specific SIEM connector installed in your environment.
@ -22,7 +25,7 @@ Windows Defender ATP supports security information and events management (SIEM)
 Windows Defender ATP currently supports the following SIEM tools:
 - Splunk
- HPE ArcSight
+- HP ArcSight
 To use either of these supported SIEM tools you'll need to:
--- a/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You'll need to configure Splunk so that it can consume Windows Defender ATP alerts.
--- a/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 The **Dashboard** displays a snapshot of:
--- a/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 This section covers some of the most frequently asked questions regarding privacy and data handling for Windows Defender ATP.
@ -68,14 +71,3 @@ Your data will be kept for a period of at least 90 days, during which it will be
 Microsoft provides customers with detailed information about Microsoft's security and compliance programs, including audit reports and compliance packages, to help customers assess Windows Defender ATP services against their own legal and regulatory requirements. Windows Defender ATP has a roadmap for obtaining national, regional and industry-specific certifications, starting with ISO 27001. The service is designed, implemented, and maintained according to the compliance and privacy principles of ISO 27001, as well as Microsoft’s compliance standards.
 By providing customers with compliant, independently-verified services, Microsoft makes it easier for customers to achieve compliance for the infrastructure and applications they run, including this new Microsoft cloud service.
 <!--
 ## Is there a difference between how Microsoft handles data for the preview programs and for General Availability?
 Subject to the preview program you are in, you could be asked to choose to store your data in a datacenter either in Europe or United States. Your data will not be copied or moved outside of the datacenter you choose, except in the following specific circumstance:
 1.	You choose Europe as your datacenter, and
 2.	You [submit a file for deep analysis](investigate-files-windows-defender-advanced-threat-protection.md#submit-files-for-analysis).
 In this circumstance, the submitted file will be sent to the US deep analysis laboratory. The results of the analysis will be stored in the European datacenter, and the file and data will be deleted from the US deep analysis laboratory and datacenter.
 This is a temporary measure as we work to integrate our deep analysis capabilities into the European datacenter. If you have any concerns or questions about submitting files for deep analysis and you are using a European datacenter, or if you’d like to be updated as to when the European deep analysis lab is online, email [winatp@microsoft.com](mailto:winatp@microsoft.com).-->
--- a/windows/keep-secure/defender-compatibility-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/defender-compatibility-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
--- a/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/event-error-codes-windows-defender-advanced-threat-protection.md
@ -15,7 +15,11 @@ author: iaanw
 **Applies to:**
- Windows 10, version 1607
+- Event Viewer
 - Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You can review event IDs in the [Event Viewer](https://msdn.microsoft.com/en-US/library/aa745633(v=bts.10).aspx) on individual endpoints.
--- a/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Alerts in Windows Defender ATP indicate possible security breaches on endpoints in your organization.
--- a/windows/keep-secure/investigate-domain-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-domain-windows-defender-advanced-threat-protection.md
@ -13,7 +13,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Investigate a domain to see if machines and servers in your enterprise network have been communicating with a known malicious domain.
--- a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md
@ -13,7 +13,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Investigate the details of a file associated with a specific alert, behavior, or event to help determine if the file exhibits malicious activities, identify the attack motivation, and understand the potential scope of the breach.
--- a/windows/keep-secure/investigate-ip-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-ip-windows-defender-advanced-threat-protection.md
@ -13,7 +13,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Examine possible communication between your machines and external internet protocol (IP) addresses.
--- a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 The **Machines view** shows a list of the machines in your network, the corresponding number of active alerts for each machine categorized by alert severity levels, and the number of active malware detections. This view allows you to identify machines with the highest risk at a glance, and keep track of all the machines that are reporting telemetry in your network.
--- a/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Windows Defender ATP notifies you of detected, possible attacks or breaches through alerts. A summary of new alerts is displayed in the **Dashboard**, and you can access all alerts in the **Alerts queue** menu.
--- a/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: iaanw
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 There are some minimum requirements for onboarding your network and endpoints.
--- a/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: iaanw
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You need to onboard to Windows Defender ATP before you can use the service.
--- a/windows/keep-secure/portal-overview-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/portal-overview-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: DulceMV
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Enterprise security teams can use the Windows Defender ATP portal to monitor and assist in responding to alerts of potential advanced persistent threat (APT) activity or data breaches.
--- a/windows/keep-secure/settings-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/settings-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: DulceMV
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Use the **Settings** menu ![Settings icon](images/settings.png) to configure the time zone, suppression rules, and view license information.
--- a/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607.
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 You might need to troubleshoot the Windows Defender ATP onboarding process if you encounter issues.
--- a/windows/keep-secure/troubleshoot-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/troubleshoot-windows-defender-advanced-threat-protection.md
@ -13,7 +13,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 This section addresses issues that might arise as you use the Windows Defender Advanced Threat service.
--- a/windows/keep-secure/use-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/use-windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 A typical security breach investigation requires a member of a security operations team to:
--- a/windows/keep-secure/windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/windows-defender-advanced-threat-protection.md
@ -14,7 +14,10 @@ author: mjcaparas
 **Applies to:**
- Windows 10, version 1607
+- Windows 10 Enterprise
 - Windows 10 Enterprise for Education
 - Windows 10 Pro
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service, built into Windows 10 that enables enterprise customers to detect, investigate, and respond to advanced threats on their networks.