Antivirus tools we were used to use where yesterday. Now its ATP time!
This tool is really outstanding and uses unique techniques and possibilities that only Microsoft can do!
Please CLICK here to watch the video!
https://channel9.msdn.com/Events/Build/2016/B890
And to learn more and check it out you can sign up here:
https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp
ATP consists of 3 components:
1. The Client – end-point behavioral sensor, built into Windows 10 (Windows 10 Anniversary update, Windows Insider Preview Build number 14332 and later) and activated upon service enrollment. The client logs relevant security events and behaviors from the endpoint.
2. Cloud security analytics service – processing data from endpoints in combination with historical data and Microsoft’s wide data repository to detect anomalous behaviors, adversary techniques and similarity to known attacks. The service runs on the Microsoft scalable big data platform, and uses a combination of Indicators of Attacks (IOAs), generic analytics and machine learning rules, as well as Indicators of Compromises (IOCs) collected from past attacks.
3. Microsoft and community intelligence – our Hunters and researchers investigate the data, finding new behavioral patterns and correlating the data with existing knowledge from the security community.