Threat protection for Windows clients: Microsoft Defender ATP

  • 21 October 2020

Microsoft 365 provides a holistic approach to security, helping you to protect identities, data, applications, and devices across on-premises, cloud, and mobile. As an architect for Modern Workplace topics, I am often asked by customers to present the Microsoft Advanced Threat Protection (ATP) Suite specifically, so let’s take a look at what Microsoft Defender ATP really means.

ill. 1: Microsoft Threat Protection, source: Microsoft

How Good is Microsoft Defender Antivirus?

Let's start with Microsoft Defender Antivirus (AV), which is integrated with Windows 10. This antivirus program has nothing in common with its predecessors from Microsoft, such as Microsoft Security Essentials. Independent institutes give its impressive AV performance top marks. This means that Defender AV is enterprise-ready, so to speak. The Gartner Magic Quadrant for “Endpoint Protection Platforms” also confirms this assessment.

ill. 2: Gartner's Magic Quadrant for Endpoint Protection Platform, source: Gartner

Strengths and Weaknesses of the Microsoft Defender AV

There are other advantages to using Defender AV: it's free, and it is the only AV solution that is so deeply embedded in the operating system that it's easy to use with the biannual feature upgrades. Furthermore, the deployment of additional security features within Windows 10 makes it possible to

  • reduce the attack surface, e.g. to block executable content from email clients and browser-based email services
  • control folder access, which means, for example, that all encryption Trojans like Petya are unable to access and therefore encrypt user libraries.
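As an added example (not from the original article), the PowerShell sketch below reports and sets these two protections with the built-in Defender cmdlets, starting in audit mode so the event log can be reviewed before blocking. The function names are hypothetical; the script assumes an elevated session on a Windows 10 client where Defender AV is the active antivirus.

```powershell
# Added example: audit, then enable, the two Windows 10 protections listed above.
# Run in an elevated PowerShell session. Function names are hypothetical.

# Rule ID of the ASR rule "Block executable content from email client and webmail".
$EmailRuleId = 'BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550'

function ConvertTo-StateName([int]$Value) {
    # Numeric states as reported by Get-MpPreference.
    switch ($Value) {
        0 { 'Disabled' } 1 { 'Enabled (block)' } 2 { 'Audit' }
        default { "Other ($Value)" }
    }
}

function Get-ProtectionState {
    $pref    = Get-MpPreference
    $ids     = @($pref.AttackSurfaceReductionRules_Ids)
    $actions = @($pref.AttackSurfaceReductionRules_Actions)
    # Ids and Actions are parallel arrays; look up the action for the email rule.
    $asrState = 'Not configured'
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if ($ids[$i] -ieq $EmailRuleId) { $asrState = ConvertTo-StateName $actions[$i] }
    }
    [pscustomobject]@{
        EmailExecutableRule    = $asrState
        ControlledFolderAccess = ConvertTo-StateName $pref.EnableControlledFolderAccess
    }
}

function Set-ProtectionMode {
    param([ValidateSet('AuditMode', 'Enabled')] [string]$Mode = 'AuditMode')
    # Add-MpPreference keeps other configured ASR rules; Set-MpPreference would replace them.
    Add-MpPreference -AttackSurfaceReductionRules_Ids $EmailRuleId `
                     -AttackSurfaceReductionRules_Actions $Mode
    Set-MpPreference -EnableControlledFolderAccess $Mode
}

function Get-ProtectionEvents {
    # 1121/1122: ASR rule blocked/audited; 1123/1124: controlled folder access blocked/audited.
    Get-WinEvent -MaxEvents 20 -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 1121, 1122, 1123, 1124
    } | Select-Object TimeCreated, Id, Message
}

Get-ProtectionState                    # state before the change
Set-ProtectionMode -Mode AuditMode     # log only, nothing is blocked yet
Get-ProtectionState                    # state after the change
Get-ProtectionEvents                   # review hits before switching to -Mode Enabled
```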

It is worth noting, however, that the integrated Microsoft Defender AV is pattern-based, so it can only detect zero-day exploits if they have already been included in the security intelligence updates.

ill. 3: Microsoft Defender ATP next generation protection engines, source: Microsoft

The Microsoft Defender ATP Next Generation Protection Engine enables Microsoft Defender AV to protect the client against threats that are not yet detected or known. In addition, machine learning and artificial intelligence algorithms are used to identify and eliminate new and undetected threats.

ill. 4: security recommendation, source: SoftwareONE

A ticket can now be opened to update VLC.

ill. 5: request remediation; source: SoftwareONE

Now it is possible to process the opened ticket as a ‘Security Task’ within Microsoft Endpoint Manager (formerly Intune) and to update VLC.

ill. 6: managing tickets within the Microsoft Endpoint Manager, source: SoftwareONE

Integration of TVM with Microsoft Endpoint Manager is a major simplification in eliminating threats and vulnerabilities, both in terms of Windows updates and within applications.
