Microsoft is constantly saying that it developed Windows 10 to be the most secure operating system in the world. But the higher level of security encouraged cyber criminals to put in more work than ever, and develop advanced techniques to break in users’ computers anyway.
Attackers are mainly using social engineering and zero-day vulnerabilities to go through Windows 10’s security system and do a lot of damage to users. Windows 10 computers that are potentially ‘the most valuable target’ for cyber criminals are computers of companies and enterprises, because they store a lot of confidential data, and even info about company’s bank accounts.
Another thing that attracted cyber criminals into attacking Enterprise computers is the fact that they didn’t have the best security system in the world. Microsoft’s researches have shown that k
So, Microsoft just developed a new defense mechanism, aimed for Enterprise users, that will increase the security of computers running Windows 10 Enterprise, and make all confidential and valuable data unavailable to attackers, called Windows Defender Advanced Threat Protection.
Windows Defender Advanced Threat Protection to provide details about attackers
The main purpose of the Windows Defender Advanced Threat Protection is to detect, eliminate, and give all possible info about an advanced security attack that tried to break into the system. Special Microsoft security sensors will analyze the attack, and will provide the information about who attacked the computer, when, and why the attack happened. This means enterprise users won’t only be able to stop the attack, but they’ll also know who sent a malicious software.
Windows Defender Advanced Threat Protection will also bring a new layer to system’s security system, which will detect an attack, even if it went through all previous security layers. The new security feature will be a combination of security features already built in Windows 10, and a new cloud security technology.
Microsoft also promised that the company will investigate the behavior of cyber attackers, because Windows Defender Advanced Threat Protection features a set of time travel-like tools which scans a computer for all malicious actions in past six months. So, Microsoft will be able to look for all security threatening actions that happened on a computer for the period of 6 months.
By knowing about attackers’ actions, Microsoft will provide regular updates to Windows Defender Advanced Threat Protection, to make sure the service is always one step ahead of cyber criminals.
For now, Microsoft presented Windows Defender Advanced Threat Protection as a private preview, with only 500,000 organizations using it. But in the future, Microsoft will introduce this feature to Windows Insider Program, so users will have an opportunity to test it, and provide feedback.
Developing a tool like this was a must for Microsoft, if the company wants Windows 10 to be the most widely-used operating system for Enterprises. Windows Defender Advanced Threat Protection will definitely bring the security of Windows 10 Enterprise to a whole new level, but the war between cyber criminals and companies like Microsoft lasts for years, so they’ll probably come up with a new way to break in users’ computers, which will make Microsoft to improve its security system even more. It’s an endless circle.