This type of aggregation makes it easier for security professionals to prioritize, investigate, and respond to threats. Endpoint Detection and Response – ATP groups related attacks into incidents.Machine learning and Security Graph are used to spot new and emerging threats. Next Generation Protection – ATP performs continuous scanning to detect and block threats.Applications are no longer considered trustworthy by default, and only trusted applications are allowed to run. Attack Surface Reduction – The overall attack surface of a system is reduced through hardware isolation and application control.This information is used to detect, prioritize, and mitigate security vulnerabilities related to installed applications and missing patches.
Windows Defender Advanced Threat Protection offers nine primary security features and capabilities. ATP’s features are standard in many high-end anti-malware packages. ATP is a preventative and post-detection, investigative response feature to Windows Defender. Windows Defender Advanced Threat Protection (ATP) is a Microsoft security product that is designed to help enterprise-class organizations detect and respond to security threats.