Beth Levin
2018-08-31 16:07:26 -07:00
parent 1a75b23645
commit f5cebf2201


@ -69,7 +69,7 @@ Tested Microsoft Windows Defender for Enterprise with Intune 4.12 | 4.12 | 4.14
This test, as defined by AV-Comparatives, attempts to assess the effectiveness of each security program to protect a computer against active malware threats while online. This test, as defined by AV-Comparatives, attempts to assess the effectiveness of each security program to protect a computer against active malware threats while online.
The results are based on a testing against 1163 cases from March-June. The results are based on a testing against 1,163 cases from March-June.
### Malware Protection Test Enterprise March 2018: [Protection Rate 99.9%](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-march-2018-testresult/) ### Malware Protection Test Enterprise March 2018: [Protection Rate 99.9%](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-march-2018-testresult/)
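Review bot: The changed line still reads "The results are based on a testing against 1,163 cases from March-June", which is ungrammatical and gives no year for the range. Suggest "The results are based on testing against 1,163 cases from March-June" followed by the year, so a reader can match the sample size and period against the AV-Comparatives results. The added thousands separator is fine.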
@ -87,11 +87,11 @@ This test, as defined by AV-Comparatives, attempts to assesses a security progra
## To what extent are tests representative of protection in the real world? ## To what extent are tests representative of protection in the real world?
It is important to remember that Microsoft sees a wider and broader set of threats beyond just whats tested in the antivirus evaluations highlighted above. Windows Defender AV encounters a staggering ~200 million samples every month, and the typical antivirus test consist of ~100 samples. The vastness of the malware landscape makes it extremely difficult to evaluate the quality of protection against real world threats. It is important to remember that Microsoft sees a wider and broader set of threats beyond just whats tested in the antivirus evaluations highlighted above. Windows Defender AV encounters a staggering ~200 million samples every month, and the typical antivirus test consist of between 100-1,000 samples. The vastness of the malware landscape makes it extremely difficult to evaluate the quality of protection against real world threats.
The capabilities within [Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports) also provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into antivirus tests. There are other technologies in nearly every endpoint security suite not represented in antivirus tests that address some of the latest and most sophisticated threats. Isolating AV from the rest of the Windows Defender ATP stack discounts the synergy among components and creates conditions that dont reflect the real world. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. For more information, check out [Microsoft's transparency report of AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports). The capabilities within [Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports) also provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into antivirus tests. There are other technologies in nearly every endpoint security suite not represented in antivirus tests that address some of the latest and most sophisticated threats. Isolating AV from the rest of Windows Defender ATP creates a partial picture of how out security stack operates in the real world. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. 
For more information, check out [Microsoft's transparency report of AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports).
Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. Had these organizations tested the full suite, our test scores would have been more representative how effective our security suite is at protecting customers. EDR and attack surface reductions. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features.
Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports). Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports).
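Review bot: The rewritten sentence in the Windows Defender ATP paragraph introduces a typo, "a partial picture of how out security stack operates", which should read "our security stack"; the same added line also ends with a trailing space. In the paragraph before it, "the typical antivirus test consist of between 100-1,000 samples" should be "consists of between 100 and 1,000 samples", and "whats tested" is still missing its apostrophe even though the line is being touched. The shortened last paragraph keeps "customer can view one aspect", which should be "customers can view". The new upper bound of 1,000 also sits below the 1,163 cases cited earlier on the same page, so consider wording the range less tightly.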