With the steady increase in malware and cyber attacks by cyber criminals, it would be a gratifying news to Windows 10 users as Microsoft Corporation, makers of Windows OS says it has stepped up efforts to tackle the issue.
The tech giant announced that the company is developing Windows Defender Advanced Threat Protection, a new service that will help enterprises to detect, investigate, and respond to advanced attacks on their networks.
Terry Myerson, Executive Vice President, Windows and Devices group at Microsoft corporation says “we’re seeing increasingly brazen cyber-attacks. Cyber-criminals are well organized with an alarming emergence of state-sponsored attacks, cyber-espionage and cyber terror. Even with the best defense, sophisticated attackers are using social engineering and zero-day vulnerabilities to break-in to corporate networks.’’
According to the Microsoft executive, “as the attackers’ approaches have evolved and become more sophisticated, so too must our approach to provide security to our enterprise customers. And, our customers agree, as 90% of surveyed IT Directors said they need a full-fledged advanced threat protection solution that identifies attacks quicker with comprehensive intelligence, and provides actionable remediation.”
According to Microsft, Windows Defender Advanced Threat Protection provides a new post-breach layer of protection to the Windows 10 security stack. With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, provide enterprises with information to investigate the breach across endpoints, and offer response recommendations.
It will also detect advanced attacks; provide key information on who, what, and why the attack happened with the help of sophisticated threat intelligence that enables attack detection.
According to the Microsoft Executive, ‘‘the service’s security operations data provides an easy way to investigate alerts, explore the entire network for signs of attacks, examine attacker actions on specific devices, and get detailed file footprints from across the organization to recommend responses.’’
‘’ With time travel-like capabilities, Windows Defender Advanced Threat Protection examines the state of machines and their activities over the last six months to maximize historical investigation capabilities and provides information on a simple attack timeline.’’ Said Myerson.
Windows Defender Advanced Threat Protection is powered by a combination of Windows behavioral sensors, cloud based security analytics, threat intelligence, and by tapping into Microsoft’s intelligent security graph.
This immense security graph provides big-data security analytics that look across aggregate behaviors to identify anomalies, and according to Microsoft, this data is then augmented by expertise from world-class security experts and advanced threat protection Hunters from across the globe, who are uniquely equipped to detect attacks.