Microsoft first announced Windows Defender Advanced Threat Protection in March, as part of their new Enterprise plans. The service acts as an early barrier against cyber attacks, detecting and dealing with incoming threats on enterprise networks.
The suite's features have been gradually increasing, and at the Ignite conference today Microsoft revealed another improvement. WDATP will now share data with Office 365 Advanced Threat Protection.
Office 365 Advanced Threat Protection Intelligence Sharing
Office 365 Advanced Threat Protection has recently expanded to include Word, PowerPoint, SharePoint Online and OneDrive. According to Senior Vice President Yusuf Mehedi, the combination means more information than ever:
“By combining the intelligence of WDATP and Office ATP, the Microsoft Security Graph, which analyzes over 300 billion authentications processed per month, 200 billion emails for malware and phishing, and one billion Windows device updates – gets even more robust.”
As a result of the sharing, admins can figure out the complete process of an attack, from email to network. They'll see timelines and analysis in real-time, speeding up the investigation time dramatically.
All of this comes in a single interface as part of the Windows Security Center. It combines with data from FireEye iSight and other partners to deliver “the most comprehensive and robust security solution available today.”
Windows Defender Application Guard for Edge
This isn't the only Defender news coming out of Ignite, Microsoft also looking to increase the security of its Edge browser. Microsoft released a huge security update just last month, but is now going one step further.
Microsoft's Windows 10 security stack now comes with some huge improvements to Edge, with its Windows Defender Application guard. The service “uses virtualization-based security technology to protect against advanced attacks coming from the Internet.”
The technology will help protect employees from advanced internet attacks by isolating the browser with a hardware container. Admins can add trusted sites and choose which users to deploy it to. According to Mehidi, the functionality will be coming to Insiders soon, and become widely available next year.
You can find more detail about both additions on the Windows blog.