This set of capabilities also includes network protection and web protection, which regulate access to malicious IP addresses, domains, and URLs. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, the capabilities resist attacks and exploitation. The attack surface reduction set of capabilities provides the first line of defense in the stack.

This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.

Read: Insights from the MITRE ATT&CK-based evaluation. Microsoft Defender for Endpoint demonstrated industry-leading optics and detection capabilities in the recent MITRE evaluation.

Learn about the latest enhancements in Defender for Endpoint: What's new in Microsoft Defender for Endpoint.
Threat intelligence: Generated by Microsoft hunters and security teams, and augmented by threat intelligence provided by partners, threat intelligence enables Defender for Endpoint to identify attacker tools, techniques, and procedures, and generate alerts when they are observed in collected sensor data.

Centralized configuration and administration, APIs
Defender for Endpoint uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service:

Endpoint behavioral sensors: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.

Cloud security analytics: Leveraging big data, machine learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (such as Office 365), and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.