As promised, Microsoft is adding a new centralized portal called the Windows Security Center to Windows 10 as part of the Creators Update. The new security feature allows IT admins to monitor and respond to various security issues thanks to a link to the Office 365 Advanced Threat Protection. This security feature includes an integrated method to let security departments track threats across endpoints and emails. Microsoft also plans to broaden the scope of the Windows Defender ATP sensors so that they can detect persistent threats within memory or at the kernel level. That means IT security experts will be able to keep track of loaded drivers, in-memory activities, and in-memory modifications that signify potential kernel exploits.
Microsoft explains in detail the Windows Security Center:
The Windows Defender Security Center offers a single dashboard display so you can control your security options from one place – everything from anti-virus, network, and firewall protection; to assessing your device performance and health; to security controls for your apps and browser; to family safety options. For our enterprise customers using the Windows Defender Advanced Threat Protection (ATP) service, the centralized portal first delivered in the Anniversary Update called the Windows Security Center will link to Office 365 Advanced Threat Protection, via the Microsoft Intelligent Security Graph, to allow IT administrators to easily follow an attack across endpoints and email in a seamless and integrated way.
IT admins can also inject their own intelligence into the Windows Security Center to raise alerts on activities according to various compromise indicators. They can then isolate machines or block files to help resolve critical security issues within a shorter span of time.