Wednesday, May 18, 2016

Advanced Threat Protection - brand-new feature in Windows 10 (Anniversary release 2016)

Microsoft has responded to its customers' requests regarding security threats and how to get a handle on them, especially when a breach has already occurred.

The antivirus tools we were used to were yesterday. Now it's ATP time!

This tool is really outstanding and uses unique techniques and capabilities that only Microsoft can offer!

Please CLICK here to watch the video!

And to learn more and check it out you can sign up here:

ATP consists of 3 components:
1. The Client – endpoint behavioral sensor, built into Windows 10 (Windows 10 Anniversary Update, Windows Insider Preview Build number 14332 and later) and activated upon service enrollment. The client logs relevant security events and behaviors from the endpoint.
2. Cloud security analytics service – processing data from endpoints in combination with historical data and Microsoft’s wide data repository to detect anomalous behaviors, adversary techniques and similarity to known attacks. The service runs on the Microsoft scalable big data platform, and uses a combination of Indicators of Attack (IOAs), generic analytics and machine learning rules, as well as Indicators of Compromise (IOCs) collected from past attacks.
3. Microsoft and community intelligence – our Hunters and researchers investigate the data, finding new behavioral patterns and correlating the data with existing knowledge from the security community.