For enterprise users, spotting an advanced attack can be almost as hard as stopping one. But the faster an IT team can catch the breach, the faster their company can respond by alerting customers, assessing damage and upgrading security.
Windows Defender Advanced Threat Protection, announced today, is a new anti-malware service from Microsoft that helps enterprise users detect and react to cyber threats sooner.
The Advanced Threat Protection program will help spot both social engineering attacks and hacks that exploit zero-day vulnerabilities, two of the hardest kinds of attack to detect.
“Thousands of such attacks were reported in 2015 alone,” Microsoft Windows and device group vice president Terry Myerson said in a blog post announcing the new service. “We’ve found it currently takes an enterprise more than 200 days to detect a security breach and 80 days to contain it.”
The Advanced Threat Protection program runs in the cloud, with server-based security analytics and threat intelligence. By harnessing big data, Microsoft’s system spots little anomalies that point to an ongoing or completed hack.
After spotting a security breach, Advanced Threat Protection offers response recommendations and helps investigate what led to a breach with “time travel-like capabilities.” Users can even submit suspicious URLs and files to isolated virtual machines to examine them without risking further security compromises.
The system is already in use on about 500,000 enterprise machines and has even led to some security improvements at companies testing the service.
“Deploying Windows Defender Advanced Threat Protection gave us incredible awareness about several critical security vulnerabilities in our network, which we’ve already taken immediate action to address,” TDC Hosting’s IT manager Henrik Pedersen told Myerson.
The new security features will roll out to all enterprise customers with a free security update later this year. The new cyber defense system joins other Microsoft security features like Credential Guard and Windows Hello to improve Windows security for all users.