In the upcoming Windows Fall Creators Update, Microsoft will power Windows Defender Advanced Threat Protection (Windows Defender ATP) with its cloud-based security intelligence to fight new-age cyber threats.
The update represents a new chapter in Microsoft’s product evolution, and the company aims to offer a set of new prevention capabilities designed to stop attacks as they happen and before they have impact.
For the first time, Windows Defender Advanced Threat Protection (ATP) will include seamless integration across the entire Windows threat protection stack to protect, detect and respond with rich, centralised management.
In addition, the company is extending the reach of Windows Defender ATP to include Windows Server OS to protect customers across platforms.
New features and capabilities in the suite include Windows Defender Exploit Guard, Windows Defender Application Guard and substantial updates to Windows Defender Device Guard and Windows Defender Antivirus.
Windows Defender Application Guard (WDAG) is designed to stop attackers from establishing a foothold on the local machine or from expanding out into the rest of the corporate network.
In the upcoming Creators Update, Microsoft is growing its detection dictionary to include new indicators of attack (IoA) that cover recent techniques that attackers use.
Some of these new detections include dynamic script-based attacks, network explorations, and keylogging alerts.
“We are expanding our set of security graph APIs to provide more flexibility to customers interested in using Windows Defender ATP data together with their security information and event management (SIEM) system. Our new APIs will allow customers to get more information on what’s going on and also take actions needed,” Microsoft said in a blog post.