revert yml

Joey Caparas 2018-06-07 10:39:14 -07:00
commit 6885ce5a11
3 changed files with 11 additions and 55 deletions

View File

@ -1,4 +1,4 @@
# [Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md) # [Windows Defender Advanced Threat Protection portal](windows-defender-advanced-threat-protection.md)
##Get started ##Get started
### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md) ### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md)
### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md) ### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md)
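Review bot: The context line `##Get started` directly under the renamed title has no space after the `##`, so a strict CommonMark renderer shows it as literal text instead of a heading. Since this hunk already edits the top of the TOC, change it to `## Get started`. The renamed entry still links to windows-defender-advanced-threat-protection.md, so confirm the new "portal" link text matches the H1 of that target file.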

View File

@ -1,6 +1,6 @@
--- ---
title: Windows Defender Advanced Threat Protection title: Windows Defender Advanced Threat Protection portal
description: Windows Defender Advanced Threat Protection is an enterprise security service that helps detect and respond to possible cybersecurity threats related to advanced persistent threats. description: The Windows Defender Advanced Threat Protection portal is teh gateway that helps secops to prevent, detect, investigate, and respond to possible cybersecurity threats related to advanced persistent threats.
keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, machine behavioral sensor, cloud security, analytics, threat intelligence keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, machine behavioral sensor, cloud security, analytics, threat intelligence
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
ms.prod: w10 ms.prod: w10
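Review bot: The new `description:` value has a typo, "teh" in "portal is teh gateway", and this front-matter string is what search results and link previews display, so it is worth fixing before merge. It also uses the shorthand "secops" and the awkward "helps secops to prevent". Suggested wording: "The Windows Defender Advanced Threat Protection portal is the gateway that helps security operations teams prevent, detect, investigate, and respond to ...".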
@ -13,7 +13,7 @@ ms.localizationpriority: high
ms.date: 07/01/2018 ms.date: 07/01/2018
--- ---
# Windows Defender Advanced Threat Protection # Windows Defender Advanced Threat Protection portal
**Applies to:** **Applies to:**
@ -29,47 +29,13 @@ ms.date: 07/01/2018
> >
>For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy). >For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy).
Windows Defender Advanced Threat Protection is a suite of capabilities designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
--- To help you maximize the effectiveness of the security suite, you can configure individual capabilities that surface in the Windows Defender ATP portal. For more information about the Windows Defender ATP capabilities, see [Windows Defender Advanced Threat Protection](https://docs.microsoft.com/en-us/windows/security/wdatp).
# Windows Defender Advanced Threat Protection
Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified endpoint security platform using built-in security technologies working together and powered by the cloud.
![Windows Defender ATP service components](images/WDATP-components.png)
Windows Defender ATP offers a comprehensive approach in securing enterprise networks by offerring an end-to-end stack of security capabilities.
The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations. The Windows Defender ATP portal is where all the capabilities that are available across multiple products come together in a single-pane of glass.
To further reinforce the security perimeter of your network, Windows Defender ATP uses next generation protection designed to catch all types of emerging threats.
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security security pillars.
In conjunction with being able to quickly respond to advanced attacks, Windows Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
Windows Defender ATP also provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network.
The following table can help you better understand how capabilities align within the Windows Defender ATP offering:
Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation and remediation | Security posture
:---|:---|:---|:---|:---
[Windows Defender SmartScreen](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview) OTHER PRODUCTS?? <br> OR <br> Hardware based isolation<br><br> Application control<br><br> Exploit protection<br><br> Network protection<br><br> Controlled folder access | [Windows Defender Antivirus](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) <br> OR <br> Web protection <br><br> Machine learning <br><br> Script and memory attack protection <br><br> Antivirus <br><br> Runtime emulator<br><br> Threat intelligence<br><br> URL/IP reputation <br><br> Sandbox service | Deep operating system recording sensor <br><br> Machine learning, behavioral and anomaly detection <br><br> Response containment <br><br> Realtime and historical threat hunting <br><br> Threat intelligence and custom detections | Forensic collection <br><br> Response orchestration <br><br> Historical endpoint data <br><br> Artificial intelligence reponse playbooks | Asset inventory <br> Operating system baseline compliance <br><br> Recommended improvement actions<br> <br> Secure score <br><br> Threat analytics <br><br> Reporting and trends
These capabilities are available across multiple products that make up the Windows Defender ATP platform. For more information on how to leverage all the Windows Defender ATP capabilities, see [Threat protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/index).
======================================================================
Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service that enables enterprise customers to detect, investigate, and respond to advanced threats on their networks.
Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see [Windows Defender ATP for Windows 10 Creators Update](https://technet.microsoft.com/en-au/windows/mt782787). Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see [Windows Defender ATP for Windows 10 Creators Update](https://technet.microsoft.com/en-au/windows/mt782787).
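Review bot: In the added sentence "come together in a single-pane of glass", the hyphen is wrong; the idiom is "a single pane of glass". The other added paragraph links to https://docs.microsoft.com/en-us/windows/security/wdatp with the `en-us` locale hard-coded, which pins every reader to the English page. Dropping the locale segment lets the site pick the reader's language. The same applies to the `en-au` TechNet link in the trailing context line.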
@ -97,15 +63,6 @@ Windows Defender ATP uses the following combination of technology built into Win
![Windows Defender ATP service component](images/components.png) ![Windows Defender ATP service component](images/components.png)
Machine investigation capabilities in this service let you drill down
into security alerts and understand the scope and nature of a potential
breach. You can submit files for deep analysis and receive the results
without leaving the [Windows Defender ATP portal](https://securitycenter.windows.com). The automated investigation and remediation capability reduces the volume of alerts by leveraging various inspection algorithms to resolve breaches.
Windows Defender ATP works with existing Windows security technologies
on machines, such as Windows Defender Antivirus, AppLocker, and Windows Defender Device Guard. It
can also work side-by-side with third-party security solutions and
antimalware products.
Windows Defender ATP leverages Microsoft technology and expertise to Windows Defender ATP leverages Microsoft technology and expertise to
detect sophisticated cyber-attacks, providing: detect sophisticated cyber-attacks, providing:
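Review bot: The deleted paragraph beginning "Machine investigation capabilities in this service" carries the link to the portal itself, https://securitycenter.windows.com, and this commit retitles the page as the portal page. Unless that URL appears elsewhere in the file, keep one sentence with the link so readers can still get from this page to the portal. The removal also drops the statement that the service works side-by-side with third-party antimalware products. Confirm that statement still exists in the overview page, because deployment planning depends on it.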

View File

@ -13,14 +13,11 @@ ms.date: 06/04/2018
# Windows Defender Advanced Threat Protection # Windows Defender Advanced Threat Protection
Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified endpoint security platform using built-in security technologies working together and powered by the cloud. Windows Defender Advanced Threat Protection (Windows Defender ATP)is a unified platform for preventative protection, post-breach detection, automated investigation and response, employing intelligent protection to protect endpoints from cyber threats.
![Windows Defender ATP service components](images/WDATP-components.png)
![Windows Defender ATP components](images/wdatp-pillars.png) ![Windows Defender ATP components](images/wdatp-pillars.png)
Windows Defender ATP offers a comprehensive approach in securing enterprise networks by offerring an end-to-end stack of security capabilities.
The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations. The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations.
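Review bot: The new opening sentence is missing a space in "(Windows Defender ATP)is a unified platform", so it should read "(Windows Defender ATP) is". The sentence also repeats itself ("preventative protection ... employing intelligent protection to protect endpoints"). Something like "a unified platform for preventative protection, post-breach detection, and automated investigation and response" would be tighter.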
@ -32,13 +29,15 @@ In conjunction with being able to quickly respond to advanced attacks, Windows D
Windows Defender ATP also provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network. Windows Defender ATP also provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network.
Advanced hunting gives you the flexibility of using a powerful search and query tool to proactively hunt for possible threats accross your organization.
The following table can help you better understand how capabilities align within the Windows Defender ATP offering: The following table can help you better understand how capabilities align within the Windows Defender ATP offering:
Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation and remediation | Security posture Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation and remediation | Security posture
:---|:---|:---|:---|:--- :---|:---|:---|:---|:---
[Windows Defender SmartScreen](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview) OTHER PRODUCTS?? <br> OR <br> Hardware based isolation<br><br> Application control<br><br> Exploit protection<br><br> Network protection<br><br> Controlled folder access | [Windows Defender Antivirus](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) <br> OR <br> Web protection <br><br> Machine learning <br><br> Script and memory attack protection <br><br> Antivirus <br><br> Runtime emulator<br><br> Threat intelligence<br><br> URL/IP reputation <br><br> Sandbox service | Deep operating system recording sensor <br><br> Machine learning, behavioral and anomaly detection <br><br> Response containment <br><br> Realtime and historical threat hunting <br><br> Threat intelligence and custom detections | Forensic collection <br><br> Response orchestration <br><br> Historical endpoint data <br><br> Artificial intelligence reponse playbooks | Asset inventory <br> Operating system baseline compliance <br><br> Recommended improvement actions<br> <br> Secure score <br><br> Threat analytics <br><br> Reporting and trends Hardware based isolation<br><br> Application control<br><br> Exploit protection<br><br> Network protection<br><br> Controlled folder access | Web protection <br><br> Machine learning <br><br> Script and memory attack protection <br><br> Antivirus <br><br> Runtime emulator<br><br> Threat intelligence<br><br> URL/IP reputation <br><br> Sandbox service | Deep operating system recording sensor <br><br> Machine learning, behavioral and anomaly detection <br><br> Response containment <br><br> Realtime and historical threat hunting <br><br> Threat intelligence and custom detections | Forensic collection <br><br> Response orchestration <br><br> Historical endpoint data <br><br> Artificial intelligence reponse playbooks | 
Asset inventory <br> Operating system baseline compliance <br><br> Recommended improvement actions<br> <br> Secure score <br><br> Threat analytics <br><br> Reporting and trends
These capabilities are available across multiple products that make up the Windows Defender ATP platform. For more information on how to leverage all the Windows Defender ATP capabilities, see [Threat protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/index). These capabilities are available across multiple products that make up the Windows Defender ATP platform. For more information on how to leverage all the Windows Defender ATP capabilities, see [Threat protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/index).
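Review bot: The rewritten table row is split across two lines: the new row ends with a trailing `| ` and the "Asset inventory ..." cell sits on the following line. A pipe-table row has to be on one line, so the Security posture column will render empty and its content will fall outside the table; join the two lines. In the same hunk, the added "Advanced hunting" sentence has "accross" for "across", the row still carries "reponse playbooks" for "response playbooks", and the table has no column for advanced hunting even though the prose now introduces it.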