Microsoft Enhances Windows Defender ATP

Microsoft has unveiled several enhancements to its Windows Defender Advanced Threat Protection (ATP) product to improve its protection capabilities. The improvements target various aspects of the endpoint protection platform, such as attack surface reduction, post-breach detection and response, automation capabilities, security insights, and threat hunting, Moti Gindi, General Manager, Windows Cyber Defense, explains.  Windows Defender ATP now has new attack surface reduction rules, designed to prevent Office communication applications (including Outlook) and Adobe Acrobat Reader from creating child processes. The new rules should help prevent a variety of attacks, such as those using macro and vulnerability exploits.  However, the company also added improved customization for exclusions and allow lists, which can be applied to folders and even individual files, Gindi reveals.  Now, Microsoft’s protection platform also takes advantage of emergency security intelligence updates. In the event of an outbreak, the Windows Defender ATP team can request cloud-connected enterprise devices to pull dedicated intelligence updates directly from the Windows Defender ATP cloud, thus eliminating the need for security admins to take action.

Spotlight

Spotlight

Related News