Malware detection should not be the only way to identify compromised machines in an environment. According to Gartner, over 46% of machines that were compromised did not contain malware. With the emergence of the Endpoint Detection and Response (EDR) market, continuous early identification of these attacks is possible. Enter the EDR solution from Microsoft: Windows Defender Advanced Threat Protection (ATP). This is a separate solution from Windows Defender AV, which falls under Endpoint Protection (EPP). Here is a comparison of the two solutions:
Windows Defender ATP requires no additional deployment or infrastructure, as it is built into Windows 10 1607 or later with an E5 license. ATP is cloud-based and provides an in-depth timeline of a breach so that its scope can be fully understood.
As attacks get more sophisticated, it helps to have several layers of protection. The forensic data that Windows Defender ATP provides can help prevent major attacks and prepare your company to be at the forefront of cybersecurity.