mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-14 14:27:22 +00:00
Merge pull request #4214 from MicrosoftDocs/alluthewriter-4626590-Branch-3
Defender Rebrand- task 4626590- Branch-3
This commit is contained in:
Tina Burden
GitHub
commit
7bcccf9fdf
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Threat Protection (Windows 10)
|
||||
description: Microsoft Defender Advanced Threat Protection is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
|
||||
description: Microsoft Defender for Endpoint is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
|
||||
keywords: threat protection, Microsoft Defender Advanced Threat Protection, attack surface reduction, next-generation protection, endpoint detection and response, automated investigation and response, microsoft threat experts, Microsoft Secure Score for Devices, advanced hunting, cyber threat hunting, web threat protection
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
@ -17,12 +17,12 @@ ms.topic: conceptual
|
||||
---
|
||||
|
||||
# Threat Protection
|
||||
[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Microsoft Defender ATP protects endpoints from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves security posture.
|
||||
[Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Defender for Endpoint protects endpoints from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves security posture.
|
||||
|
||||
> [!TIP]
|
||||
> Enable your users to access cloud services and on-premises applications with ease and enable modern management capabilities for all devices. For more information, see [Secure your remote workforce](https://docs.microsoft.com/enterprise-mobility-security/remote-work/).
|
||||
|
||||
<center><h2>Microsoft Defender ATP</center></h2>
|
||||
<center><h2>Microsoft Defender for Endpoint</center></h2>
|
||||
<table>
|
||||
<tr>
|
||||
<td><a href="#tvm"><center><img src="images/TVM_icon.png" alt="threat and vulnerability icon"> <br><b>Threat & vulnerability management</b></center></a></td>
|
||||
@ -37,7 +37,7 @@ ms.topic: conceptual
|
||||
<a href="#apis"><center><b>Centralized configuration and administration, APIs</a></b></center></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="7"><a href="#mtp"><center><b>Microsoft Threat Protection</a></center></b></td>
|
||||
<td colspan="7"><a href="#mtp"><center><b>Microsoft 365 Defender</a></center></b></td>
|
||||
</tr>
|
||||
</table>
|
||||
<br>
|
||||
@ -73,7 +73,7 @@ The attack surface reduction set of capabilities provide the first line of defen
|
||||
<a name="ngp"></a>
|
||||
|
||||
**[Next-generation protection](microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md)**<br>
|
||||
To further reinforce the security perimeter of your network, Microsoft Defender ATP uses next-generation protection designed to catch all types of emerging threats.
|
||||
To further reinforce the security perimeter of your network, Microsoft Defender for Endpoint uses next-generation protection designed to catch all types of emerging threats.
|
||||
|
||||
- [Behavior monitoring](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus)
|
||||
- [Cloud-based protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus)
|
||||
@ -98,7 +98,7 @@ Endpoint detection and response capabilities are put in place to detect, investi
|
||||
<a name="ai"></a>
|
||||
|
||||
**[Automated investigation and remediation](microsoft-defender-atp/automated-investigations.md)**<br>
|
||||
In addition to quickly responding to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
|
||||
In addition to quickly responding to advanced attacks, Microsoft Defender for Endpoint offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
|
||||
|
||||
- [Automated investigation and remediation](microsoft-defender-atp/automated-investigations.md)
|
||||
- [View details and results of automated investigations](microsoft-defender-atp/auto-investigation-action-center.md)
|
||||
@ -107,16 +107,16 @@ In addition to quickly responding to advanced attacks, Microsoft Defender ATP of
|
||||
<a name="mte"></a>
|
||||
|
||||
**[Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md)**<br>
|
||||
Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights. Microsoft Threat Experts further empowers Security Operation Centers (SOCs) to identify and respond to threats quickly and accurately.
|
||||
Microsoft Defender for Endpoint's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights. Microsoft Threat Experts further empowers Security Operation Centers (SOCs) to identify and respond to threats quickly and accurately.
|
||||
|
||||
- [Targeted attack notification](microsoft-defender-atp/microsoft-threat-experts.md)
|
||||
- [Experts-on-demand](microsoft-defender-atp/microsoft-threat-experts.md)
|
||||
- [Configure your Microsoft Threat Protection managed hunting service](microsoft-defender-atp/configure-microsoft-threat-experts.md)
|
||||
- [Configure your Microsoft 365 Defender managed hunting service](microsoft-defender-atp/configure-microsoft-threat-experts.md)
|
||||
|
||||
<a name="apis"></a>
|
||||
|
||||
**[Centralized configuration and administration, APIs](microsoft-defender-atp/management-apis.md)**<br>
|
||||
Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
|
||||
Integrate Microsoft Defender for Endpoint into your existing workflows.
|
||||
- [Onboarding](microsoft-defender-atp/onboard-configure.md)
|
||||
- [API and SIEM integration](microsoft-defender-atp/configure-siem.md)
|
||||
- [Exposed APIs](microsoft-defender-atp/apis-intro.md)
|
||||
@ -125,14 +125,14 @@ Integrate Microsoft Defender Advanced Threat Protection into your existing workf
|
||||
|
||||
<a name="integration"></a>
|
||||
**[Integration with Microsoft solutions](microsoft-defender-atp/threat-protection-integration.md)** <br>
|
||||
Microsoft Defender ATP directly integrates with various Microsoft solutions, including:
|
||||
Microsoft Defender for Endpoint directly integrates with various Microsoft solutions, including:
|
||||
- Intune
|
||||
- Office 365 ATP
|
||||
- Azure ATP
|
||||
- Azure Security Center
|
||||
- Microsoft Defender for Office 365
|
||||
- Microsoft Defender for Identity
|
||||
- Azure Defender
|
||||
- Skype for Business
|
||||
- Microsoft Cloud App Security
|
||||
|
||||
<a name="mtp"></a>
|
||||
**[Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)**<br>
|
||||
With Microsoft Threat Protection, Microsoft Defender ATP and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate, and automatically respond to sophisticated attacks.
|
||||
**[Microsoft 365 Defender](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)**<br>
|
||||
With Microsoft 365 Defender, Microsoft Defender for Endpoint and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate, and automatically respond to sophisticated attacks.
|
||||
|
||||
@ -106,7 +106,7 @@ Microsoft Defender Antivirus in Windows 10 uses a multi-pronged approach to impr
|
||||
|
||||
For more information, see [Windows Defender in Windows 10](microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md) and [Windows Defender Overview for Windows Server](https://docs.microsoft.com/windows-server/security/windows-defender/windows-defender-overview-windows-server).
|
||||
|
||||
For information about Microsoft Defender Advanced Threat Protection, a service that helps enterprises to detect, investigate, and respond to advanced and targeted attacks on their networks, see [Microsoft Defender Advanced Threat Protection (ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (resources) and [Microsoft Defender Advanced Threat Protection (ATP)](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) (documentation).
|
||||
For information about Microsoft Defender for Endpoint, a service that helps enterprises to detect, investigate, and respond to advanced and targeted attacks on their networks, see [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (resources) and [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) (documentation).
|
||||
|
||||
### Data Execution Prevention
|
||||
|
||||
@ -445,14 +445,14 @@ Examples:
|
||||
|
||||
#### EMET-related products
|
||||
|
||||
Microsoft Consulting Services (MCS) and Microsoft Support/Premier Field Engineering (PFE) offer a range of options for EMET, support for EMET, and EMET-related reporting and auditing products such as the EMET Enterprise Reporting Service (ERS). For any enterprise customers who use such products today or who are interested in similar capabilities, we recommend evaluating [Microsoft Defender Advanced Threat Protection](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) (ATP).
|
||||
Microsoft Consulting Services (MCS) and Microsoft Support/Premier Field Engineering (PFE) offer a range of options for EMET, support for EMET, and EMET-related reporting and auditing products such as the EMET Enterprise Reporting Service (ERS). For any enterprise customers who use such products today or who are interested in similar capabilities, we recommend evaluating [Microsoft Defender for Endpoint](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md).
|
||||
|
||||
## Related topics
|
||||
|
||||
- [Security and Assurance in Windows Server 2016](https://docs.microsoft.com/windows-server/security/security-and-assurance)
|
||||
- [Microsoft Defender Advanced Threat Protection (ATP) - resources](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
|
||||
- [Microsoft Defender Advanced Threat Protection (ATP) - documentation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection)
|
||||
- [Microsoft Defender for Endpoint - resources](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
|
||||
- [Microsoft Microsoft Defender for Endpoint - documentation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection)
|
||||
- [Exchange Online Advanced Threat Protection Service Description](https://docs.microsoft.com/office365/servicedescriptions/office-365-advanced-threat-protection-service-description)
|
||||
- [Office 365 Advanced Threat Protection](https://products.office.com/en-us/exchange/online-email-threat-protection)
|
||||
- [Microsoft Defender for Office 365](https://products.office.com/en-us/exchange/online-email-threat-protection)
|
||||
- [Microsoft Malware Protection Center](https://www.microsoft.com/security/portal/mmpc/default.aspx)
|
||||
|
||||
|
||||
@ -110,10 +110,11 @@ Several new features and management options have been added to Windows Defender
|
||||
- [Run a Windows Defender scan from the command line](/windows/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus).
|
||||
- [Detect and block Potentially Unwanted Applications with Windows Defender](/windows/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus) during download and install times.
|
||||
|
||||
### Windows Defender Advanced Threat Protection (ATP)
|
||||
With the growing threat from more sophisticated targeted attacks, a new security solution is imperative in securing an increasingly complex network ecosystem. Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service, built into Windows 10 that enables enterprise customers detect, investigate, and respond to advanced threats on their networks.
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
[Learn more about Windows Defender Advanced Threat Protection (ATP)](/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection).
|
||||
With the growing threat from more sophisticated targeted attacks, a new security solution is imperative in securing an increasingly complex network ecosystem. Microsoft Defender for Endpoint is a security service, built into Windows 10 that enables enterprise customers detect, investigate, and respond to advanced threats on their networks.
|
||||
|
||||
[Learn more about Microsoft Defender for Endpoint](/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection).
|
||||
|
||||
## Management
|
||||
|
||||
|
||||
@ -96,9 +96,9 @@ For details, see [MBR2GPT.EXE](/windows/deployment/mbr-to-gpt).
|
||||
|
||||
## Security
|
||||
|
||||
### Windows Defender Advanced Threat Protection
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
New features in Windows Defender Advanced Threat Protection (ATP) for Windows 10, version 1703 include:
|
||||
New features in Microsoft Defender for Endpoint for Windows 10, version 1703 include:
|
||||
- **Detection**<br>
|
||||
Enhancements to the detection capabilities include:
|
||||
- [Use the threat intelligence API to create custom alerts](/windows/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection) - Understand threat intelligence concepts, enable the threat intel application, and create custom threat intelligence alerts for your organization.
|
||||
@ -107,12 +107,12 @@ New features in Windows Defender Advanced Threat Protection (ATP) for Windows 10
|
||||
- Historical detection capability ensures new detection rules apply to up to six months of stored data to detect previous attacks that might not have been noticed
|
||||
|
||||
- **Investigation**<br>
|
||||
Enterprise customers can now take advantage of the entire Windows security stack with Microsoft Defender Antivirus detections and Device Guard blocks being surfaced in the Windows Defender ATP portal. Other capabilities have been added to help you gain a holistic view on investigations.
|
||||
Enterprise customers can now take advantage of the entire Windows security stack with Microsoft Defender Antivirus detections and Device Guard blocks being surfaced in the Microsoft Defender for Endpoint portal. Other capabilities have been added to help you gain a holistic view on investigations.
|
||||
|
||||
Other investigation enhancements include:
|
||||
- [Investigate a user account](/windows/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection) - Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.
|
||||
- [Alert process tree](/windows/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection#alert-process-tree) - Aggregates multiple detections and related events into a single view to reduce case resolution time.
|
||||
- [Pull alerts using REST API](/windows/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection) - Use REST API to pull alerts from Windows Defender ATP.
|
||||
- [Pull alerts using REST API](/windows/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection) - Use REST API to pull alerts from Microsoft Defender for Endpoint.
|
||||
|
||||
- **Response**<br>
|
||||
When detecting an attack, security response teams can now take immediate action to contain a breach:
|
||||
@ -121,11 +121,11 @@ New features in Windows Defender Advanced Threat Protection (ATP) for Windows 10
|
||||
|
||||
|
||||
- **Other features**
|
||||
- [Check sensor health state](/windows/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection) - Check an endpoint's ability to provide sensor data and communicate with the Windows Defender ATP service and fix known issues.
|
||||
- [Check sensor health state](/windows/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection) - Check an endpoint's ability to provide sensor data and communicate with the Microsoft Defender for Endpoint service and fix known issues.
|
||||
|
||||
You can read more about ransomware mitigations and detection capability in Windows Defender Advanced Threat Protection in the blog: [Averting ransomware epidemics in corporate networks with Windows Defender ATP](https://blogs.technet.microsoft.com/mmpc/2017/01/30/averting-ransomware-epidemics-in-corporate-networks-with-windows-defender-atp/).
|
||||
You can read more about ransomware mitigations and detection capability in Microsoft Defender for Endpoint in the blog: [Averting ransomware epidemics in corporate networks with Microsoft Defender for Endpoint](https://blogs.technet.microsoft.com/mmpc/2017/01/30/averting-ransomware-epidemics-in-corporate-networks-with-windows-defender-atp/).
|
||||
|
||||
Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see [Windows Defender ATP for Windows 10 Creators Update](https://technet.microsoft.com/windows/mt782787).
|
||||
Get a quick, but in-depth overview of Microsoft Defender for Endpoint for Windows 10 and the new capabilities in Windows 10, version 1703 see [Microsoft Defender for Endpoint for Windows 10 Creators Update](https://technet.microsoft.com/windows/mt782787).
|
||||
|
||||
### Microsoft Defender Antivirus
|
||||
Windows Defender is now called Microsoft Defender Antivirus, and we've [increased the breadth of the documentation library for enterprise security admins](/windows/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10).
|
||||
|
||||
@ -85,9 +85,9 @@ The AssignedAccess CSP has been expanded to make it easy for administrators to c
|
||||
|
||||
**Windows security baselines** have been updated for Windows 10. A [security baseline](https://docs.microsoft.com/windows/device-security/windows-security-baselines) is a group of Microsoft-recommended configuration settings and explains their security impact. For more information, and to download the Policy Analyzer tool, see [Microsoft Security Compliance Toolkit 1.0](https://docs.microsoft.com/windows/device-security/security-compliance-toolkit-10).
|
||||
|
||||
### Windows Defender ATP
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
Windows Defender ATP has been expanded with powerful analytics, security stack integration, and centralized management for better detection, prevention, investigation, response, and management. For more information, see [View the Windows Defender Advanced Threat Protection Security analytics dashboard](https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection).
|
||||
Microsoft Defender for Endpoint has been expanded with powerful analytics, security stack integration, and centralized management for better detection, prevention, investigation, response, and management. For more information, see [View the Microsoft Defender for Endpoint Security analytics dashboard](https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection).
|
||||
|
||||
### Windows Defender Application Guard
|
||||
|
||||
@ -149,7 +149,7 @@ Several network stack enhancements are available in this release. Some of these
|
||||
[Windows 10 Features](https://www.microsoft.com/windows/features): Review general information about Windows 10 features.<br>
|
||||
[What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.<br>
|
||||
[What's new in Windows 10, version 1709](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-windows): See what’s new in Windows 10 hardware.<br>
|
||||
[Windows 10 Fall Creators Update Next Generation Security](https://www.youtube.com/watch?v=JDGMNFwyUg8): YouTube video about Windows Defender ATP in Windows 10, version 1709.
|
||||
[Windows 10 Fall Creators Update Next Generation Security](https://www.youtube.com/watch?v=JDGMNFwyUg8): YouTube video about Microsoft Defender for Endpoint in Windows 10, version 1709.
|
||||
[Threat protection on Windows 10](https://docs.microsoft.com/windows/security/threat-protection/):Detects advanced attacks and data breaches, automates security incidents and improves security posture.<br>
|
||||
|
||||
|
||||
|
||||
@ -173,7 +173,7 @@ The new [security baseline for Windows 10 version 1803](https://docs.microsoft.c
|
||||
|
||||
### Microsoft Defender Antivirus
|
||||
|
||||
Microsoft Defender Antivirus now shares detection status between M365 services and interoperates with Windows Defender ATP. Additional policies have also been implemented to enhance cloud based protection, and new channels are available for emergency protection. For more information, see [Virus and threat protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection) and [Use next-gen technologies in Microsoft Defender Antivirus through cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus).
|
||||
Microsoft Defender Antivirus now shares detection status between M365 services and interoperates with Microsoft Defender for Endpoint. Additional policies have also been implemented to enhance cloud based protection, and new channels are available for emergency protection. For more information, see [Virus and threat protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection) and [Use next-gen technologies in Microsoft Defender Antivirus through cloud-delivered protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus).
|
||||
|
||||
### Windows Defender Exploit Guard
|
||||
|
||||
@ -181,15 +181,15 @@ Windows Defender Exploit Guard enhanced attack surface area reduction, extended
|
||||
|
||||
For more information, see [Reduce attack surfaces](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction)
|
||||
|
||||
### Windows Defender ATP
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
[Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
|
||||
[Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
|
||||
|
||||
- [Query data using Advanced hunting in Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)
|
||||
- [Query data using Advanced hunting in Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)
|
||||
- [Use Automated investigations to investigate and remediate threats](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)
|
||||
- [Enable conditional access to better protect users, devices, and data](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)
|
||||
|
||||
Also see [New capabilities of Windows Defender ATP further maximizing the effectiveness and robustness of endpoint security](https://blogs.windows.com/business/2018/04/17/new-capabilities-of-windows-defender-atp-further-maximizing-the-effectiveness-and-robustness-of-endpoint-security/#62FUJ3LuMXLQidVE.97)
|
||||
Also see [New capabilities of Microsoft Defender for Endpoint further maximizing the effectiveness and robustness of endpoint security](https://blogs.windows.com/business/2018/04/17/new-capabilities-of-windows-defender-atp-further-maximizing-the-effectiveness-and-robustness-of-endpoint-security/#62FUJ3LuMXLQidVE.97)
|
||||
|
||||
### Windows Defender Application Guard
|
||||
|
||||
@ -233,5 +233,5 @@ Support in [Windows Defender Application Guard](#windows-defender-application-gu
|
||||
- [Windows 10 Features](https://www.microsoft.com/windows/features): Review general information about Windows 10 features.
|
||||
- [What's New in Windows 10](https://docs.microsoft.com/windows/whats-new/): See what’s new in other versions of Windows 10.
|
||||
- [What's new in Windows 10, version 1709](https://docs.microsoft.com/windows-hardware/get-started/what-s-new-in-windows): See what’s new in Windows 10 hardware.
|
||||
- [Windows 10 Fall Creators Update Next Generation Security](https://www.youtube.com/watch?v=JDGMNFwyUg8): YouTube video about Windows Defender ATP in Windows 10, version 1709.
|
||||
- [Windows 10 Fall Creators Update Next Generation Security](https://www.youtube.com/watch?v=JDGMNFwyUg8): YouTube video about Microsoft Defender for Endpoint in Windows 10, version 1709.
|
||||
|
||||
|
||||
@ -133,32 +133,32 @@ Windows Defender Credential Guard has always been an optional feature, but Windo
|
||||
|
||||
A network connection is now required to set up a new device. As a result, we removed the “skip for now” option in the network setup page in Out Of Box Experience (OOBE).
|
||||
|
||||
### Windows Defender ATP
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
[Windows Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
|
||||
[Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection) has been enhanced with many new capabilities. For more information, see the following topics:
|
||||
|
||||
- [Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics)<br>
|
||||
Threat Analytics is a set of interactive reports published by the Windows Defender ATP research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats.
|
||||
Threat Analytics is a set of interactive reports published by the Microsoft Defender for Endpoint research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats.
|
||||
|
||||
- [Custom detection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-custom-detections)<br>
|
||||
With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats. This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules.
|
||||
|
||||
- [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)<br>
|
||||
Windows Defender ATP adds support for this scenario by providing MSSP integration.
|
||||
Microsoft Defender for Endpoint adds support for this scenario by providing MSSP integration.
|
||||
The integration will allow MSSPs to take the following actions:
|
||||
Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools.
|
||||
|
||||
- [Integration with Azure Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)<br>
|
||||
Windows Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Windows Defender ATP to provide improved threat detection for Windows Servers.
|
||||
- [Integration with Azure Defender](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)<br>
|
||||
Microsoft Defender for Endpoint integrates with Azure Defender to provide a comprehensive server protection solution. With this integration Azure Defender can leverage the power of Microsoft Defender for Endpoint to provide improved threat detection for Windows Servers.
|
||||
|
||||
- [Integration with Microsoft Cloud App Security](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/microsoft-cloud-app-security-integration)<br>
|
||||
Microsoft Cloud App Security leverages Windows Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Windows Defender ATP monitored machines.
|
||||
Microsoft Cloud App Security leverages Microsoft Defender for Endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Microsoft Defender for Endpoint monitored machines.
|
||||
|
||||
- [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#windows-server-version-1803-and-windows-server-2019) <br>
|
||||
Windows Defender ATP now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines.
|
||||
Microsoft Defender for Endpoint now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines.
|
||||
|
||||
- [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection)<br>
|
||||
Onboard supported versions of Windows machines so that they can send sensor data to the Windows Defender ATP sensor
|
||||
Onboard supported versions of Windows machines so that they can send sensor data to the Microsoft Defender for Endpoint sensor
|
||||
|
||||
## Cloud Clipboard
|
||||
|
||||
|
||||
@ -66,7 +66,7 @@ SetupDiag is a command-line tool that can help diagnose why a Windows 10 update
|
||||
|
||||
### Windows Information Protection
|
||||
|
||||
With this release, Windows Defender ATP extends discovery and protection of sensitive information with [Auto Labeling](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels#how-wip-protects-automatically-classified-files).
|
||||
With this release, Microsoft Defender for Endpoint extends discovery and protection of sensitive information with [Auto Labeling](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels#how-wip-protects-automatically-classified-files).
|
||||
|
||||
### Security configuration framework
|
||||
|
||||
@ -80,15 +80,15 @@ The draft release of the [security configuration baseline settings](https://blog
|
||||
|
||||
[Intune Security Baselines](https://docs.microsoft.com/intune/security-baselines) (Preview): Now includes many settings supported by Intune that you can use to help secure and protect your users and devices. You can automatically set these settings to values recommended by security teams.
|
||||
|
||||
### Microsoft Defender Advanced Threat Protection (ATP):
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
- [Attack surface area reduction](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction) – IT admins can configure devices with advanced web protection that enables them to define allow and deny lists for specific URL’s and IP addresses.
|
||||
- [Next generation protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10) – Controls have been extended to protection from ransomware, credential misuse, and attacks that are transmitted through removable storage.
|
||||
- Integrity enforcement capabilities – Enable remote runtime attestation of Windows 10 platform.
|
||||
- Tamper-proofing capabilities – Uses virtualization-based security to isolate critical ATP security capabilities away from the OS and attackers.
|
||||
- [Platform support](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114) – In addition to Windows 10, Windows Defender ATP’s functionality has been extended to support Windows 7 and Windows 8.1 clients, as well as macOS, Linux, and Windows Server with both its Endpoint Detection (EDR) and Endpoint Protection Platform (EPP) capabilities.
|
||||
- Tamper-proofing capabilities – Uses virtualization-based security to isolate critical Microsoft Defender for Endpoint security capabilities away from the OS and attackers.
|
||||
- [Platform support](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114) – In addition to Windows 10, Microsoft Defender for Endpoint’s functionality has been extended to support Windows 7 and Windows 8.1 clients, as well as macOS, Linux, and Windows Server with both its Endpoint Detection (EDR) and Endpoint Protection Platform (EPP) capabilities.
|
||||
|
||||
### Microsoft Defender ATP next-gen protection technologies:
|
||||
### Microsoft Defender for Endpoint next-gen protection technologies:
|
||||
|
||||
- **Advanced machine learning**: Improved with advanced machine learning and AI models that enable it to protect against apex attackers using innovative vulnerability exploit techniques, tools and malware.
|
||||
- **Emergency outbreak protection**: Provides emergency outbreak protection which will automatically update devices with new intelligence when a new outbreak has been detected.
|
||||
|
||||
@ -86,9 +86,9 @@ For more information about what's new in MDM, see [What's new in mobile device e
|
||||
|
||||
## Security
|
||||
|
||||
### Microsoft Defender Advanced Threat Protection (ATP)
|
||||
### Microsoft Defender for Endpoint
|
||||
|
||||
This release includes improved support for non-ASCII file paths has been added for Microsoft Defender ATP Auto Incident Response (IR).
|
||||
This release includes improved support for non-ASCII file paths has been added for Microsoft Defender for Endpoint Auto Incident Response (IR).
|
||||
|
||||
The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/desktop/unattend/security-malware-windows-defender-disableantispyware) parameter is deprecated in this release.
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user