Microsoft Defender for Endpoint

Microsoft Defender for Endpoint is a comprehensive endpoint security platform designed to detect and respond to security threats. The platform is cloud-based, which means it doesn’t require on-premises server deployment, and it leverages endpoint security sensors built into the operating system of each device; these sensors continuously collect data and report back to your personal cloud. Defender then analyses the code and determines potential threats. If a breach does occur, the platform enables the user to quickly and easily remove the threats before they can cause any damage. Microsoft Defender for Endpoint was formerly called Windows Defender Advanced Threat Protection, or WDATP.

Microsoft Defender for Endpoint provides layered security protection; the seven main features the platform has to offer are described below.

Microsoft Defender for Endpoint integrates with the Security Center Enterprise Protection model and modules. Its fully cloud-based architecture ensures a robust and scalable endpoint security solution with deep insight and minimal endpoint impact.

The integration provides visibility of both client and Windows Server endpoints and their associated malware detections, and can stop the propagation of an attack in your organization by banning potentially malicious files or suspected malware.

Endpoint Detection and Response (EDR)

This element provides host visibility and the ability to identify advanced threats that may have made it past the first two security layers. Microsoft Defender EDR detects attacks in real time and provides IT and the ConnectDS security analysts with actionable alerts.

Threat & Vulnerability Management

Microsoft Defender for Endpoint has real-time insights into changes in patches and installations/uninstallations. It includes the threat and vulnerability management platform, which can discover known security vulnerabilities or missing security patches. This provides the visibility required for vulnerability management, feeds back into your patch management program and gives a focus for remediating these recommendations.

Microsoft Threat Experts

The managed threat hunting service comes with two components. Targeted attack notifications provide special insights and analysis that help to identify and respond to the most critical threats quickly and accurately. It also comes with Microsoft Threat Experts on demand, who can provide you with a technical consultation.

Attack Surface Reduction

It’s possible to minimise areas where cyber threats could attack our defences by putting specific controls in place; these will act as a first line of defence. An example of this is marking applications as trusted to run, rather than allowing them to be run by default.

Next Generation Protection

Microsoft Defender Antivirus is a next generation protection component that combines big data analysis, machine learning, in-depth threat research and the Microsoft cloud infrastructure to protect devices. It uses behaviour monitoring characteristics and real-time threat protection to detect and block malicious threats almost instantly.

Auto Investigation & Remediation

The AI built into Microsoft Defender uses the advanced inspection algorithms that an analyst would use to investigate and remediate threats; these automatic capabilities help reduce the volume of alerts in minutes.

Device Inventory

Microsoft Defender for Endpoint provides comprehensive device inventory and visibility of device risks, operating systems, domain connectivity, health status, and exposure levels.

Microsoft Defender for Endpoint FAQ

No – Microsoft DfE is available as a standalone product or included as part of a Microsoft E5 package.

Microsoft DfE includes an anti-virus program.

Defender anti-virus is an anti-malware component included as part of Windows 10.

Microsoft Defender ATP, now known as Microsoft Defender for Endpoint, is a paid-for business solution that provides a suite of high-grade cyber security applications.

Prices start at £48.10 per user per month if bought as part of the Microsoft 365 E5 package.

If you would like to purchase Microsoft Defender for Endpoint as a standalone application, click here for more information.

Find out more

If you want to find out more about Microsoft Defender for Endpoint and its comprehensive endpoint security capabilities, reach out to our team, who can assist – give us a call or complete our contact form.
