Improve your endpoint security /w Windows Defender Advanced Threat Protection


Last week Microsoft announced the public preview of Windows Defender ATP Windows 10 Fall Creator update. I’m quite excited – we’ll should – of the new capabilities which allows you to better protect your endpoints from threats.

I had the opportunity to work with this for a while and like to highlight my personal favorite feature – Security Analytics Dashboard. Why? It’s because this feature gives me insights of my current endpoint (Windows 10, Windows Server, Linux* & Mac OS*) security posture and what it takes to utilize the full potential.

For a complete overview of all Windows Defender ATP preview features please read the official announcement here.

Security Analytics Dashboard

As mentioned the security analytics dashboard is my personal favorite. It expands your visibility into the overall endpoint security of your organization. See it as a best practices (security) baseline analyzer to assess your organization’s security posture. It sheds light on configuration issues and provide view to machines where security features are misconfigured or out of date.

The organizational security score – equally to the Office 365 Secure Score – provides valuable insights how your organization is performing compared to the Windows recommended baseline and shows breakdown of possible issues and actionable recommendations for improvement.

From this dashboard, you’ll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface of your endpoints in your organization – all in one place.

The Security Score over time shows you improvement over time and provides several viewpoints of the catagories being managed.

With a single click you can unselect a category from your view and by double-clicking you’re able to drill-down into a specific category and have a closer look.

The catagories Exploit Guard, Application Guard and SmartScreen has been added as part of the new Windows Defender ATP preview update. These new catagories are available since the Fall Creators Update Insider preview (build 16241 or higher) as part of the new OS and will be final with the Windows 10 Fall Creators update (1709) which will be available in October 17th .

Recap

It’s almost love at first sight when it comes to the new preview features of Windows Defender Advanced Threat Protection. And I just highlighted only one feature! In addition to the security operations, Security Analytics Dashboard provide insights of your endpoint security maturity level, which security features you’re using and which you don’t. Biggest gain here, a first step of improving your security posture: awareness & insights!

Trail

If you want to try the new goodness from first hand, you can sign up here for a free trial.

Windows Defender Advanced Threat Protection & Microsoft Intune 

In the following blog posts I’ll go in to more details how to improve your security baseline of your endpoints – starting with Endpoints Detection Response (EDR) –  for modern management (MDM) using Microsoft Intune restriction profiles.

Part 1: Improve your endpoint security /w Windows Defender Advanced Threat Protection & Microsoft Intune: Windows Defender Antivirus & Application Guard

Part 2: Improve your endpoint security /w Windows Defender Advanced Threat Protection & Microsoft Intune: Application Guard & SmartScreen

 

Sources

Windows Defender ATP Windows 10 Fall Creators Update now open for public preview

https://blogs.windows.com/windowsexperience/2017/09/07/windows-defender-atp-windows-10-fall-creators-update-now-open-public-preview

Windows Defender ATP preview features

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection?ocid=mktg-winsecurityblog-WDATP-fallcreatorupdate-prev

View the Windows Defender Advanced Threat Protection Security analytics dashboard

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection?ocid=mktg-winsecurityblog-WDATP-fallcreatorupdate-prev

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s