Microsoft, announced taking its enterprise security to a new level by delivering automated investigation and response capabilities as part of Windows Defender Advance Threat Protection (WDATP). The announcement will make WDATP the first end-to-end solution that allows customers to go from alert to remediation within minutes, at scale. Additionally, it will increase efficiency and fill the security gap by having machines lift the burden of reviewing every incident. With this addition, WDATP now covers the end-to-end threat lifecycle from detection to investigation and response automatically. With the new security automation capabilities, WDATP can not only find breaches; it can fix them.
The announcement will enable Microsoft customers to move faster from device, data and insight to action against modern-day threats. It will increase efficiency and fill the security gap by having machines lift the burden of reviewing every incident. Microsoft customers will also be able to leverage artificial intelligence (AI) technology to solve their alert volume challenges by letting WDATP automatically investigate alerts, apply artificial intelligence to determine whether a threat is real and to determine what action to take, going from alert to remediation in minutes at scale.
Since Microsoft announced WDATP 18 months ago, it has continually evolved with new detection capabilities, investigation and hunting tools and response options. With the Windows 10 Fall Creators Update, new prevention capabilities were added, as well as capabilities to stop attacks as they happen, enabling companies to use the full power of the Windows security stack for preventative protection.
WDATP processes 970 million malicious security events per day per day from across the Microsoft enterprise and consumer eco-system, making the Intelligent Security Graph richer every day. This staggering figure shows the magnitude of the threat landscape being surfaced to customers, yet visibility is simply not enough.
The new WDATP automated response capabilities will be available for customers to preview later this year. Companies can sign up for a 90-day trial of Windows Defender ATP today or enable Preview features on existing tenants.