Advanced Threat Protection Coming to Windows 10 Defender

A new service called Windows Defender Advanced Threat Protection (ATP) will soon be available for Windows 10. Using telemetry data sent to a Microsoft-hosted service, ATP creates profiles of "normal" behavior for PCs and alerts IT staff of anomalies. For example, alerts will be generated if PCs begin taking suspicious administrative actions or running unusual PowerShell scripts. The service also uses expertise from Microsoft and third-party security firms to detect connections to known malicious IP addresses or URLs.

Become a DOM member or log in to read the full report