Windows 10 will soon have a very different security system

Microsoft outlines advanced Windows Defender Advanced Threat Protection and continues its quest to end passwords

Microsoft announced a new service called Windows Defender Advanced Threat Protection (WDATP) last year specifically for enterprises, meant to help detect, investigate and respond to attacks on their networks. It was released with the Windows 10 Anniversary Update and is built on the existing security in Windows 10. 

WDATP offers a new post-breach layer of protection to the Windows 10 security stack, as well as a cloud service to help detect threats that have made it past other defenses and trace how far they penetrated into the enterprise. 

With the upcoming Windows 10 Creators Update, Microsoft will allow organizations to add customized detection rules and will provide the ability to perform what it called "time travel" detections, in which every newly added detection is run across six months of historical data.

Microsoft is also integrating security events and alerts from across the Windows security stack to help customers check their malware reports and security events in one place. The first step will be to add reports from the antivirus component of WDATP, something customers had requested from the company. Microsoft also plans to expand WDATP to other platforms, starting with Windows Server. 

The company also crowed a little about the superb performance of System Center Endpoint Protection (SCEP), its enterprise antivirus solution, in the latest malware tests by AV-TEST. In its Nov-Dec/2016 Product Review and Certification Report, SCEP scored 100 percent on zero-day, web- and email-based threat testing and 98.6 percent on malware and prevalent malware testing. Now, if only the consumer product were as good.

Windows Hello gets an update 

Microsoft also announced that Windows Hello, which uses facial recognition in lieu of passwords, will receive an update with the Creators Update of Windows 10. Currently it supports Azure Active Directory and hybrid environments with Azure Active Directory Connect. With the Creators Update, all organizations with on-premises, Active Directory-only environments, particularly those in the public sector, will be able to use Windows Hello.

The company is also adding Dynamic Lock to Windows Hello to automatically lock a device when the customer walks away from the camera. Using Bluetooth signals, proximity will be based on the distance between a customer’s mobile phone and the Windows 10 device, and it can be defined in Settings or through policy.

Microsoft is also working with Intel on its Project EVO for endpoint security, and it announced Windows Hello will be integrated into Intel’s Authenticate technology. This integration enables Windows Hello to take full advantage of Authenticate’s hardware-based authentication factors to help protect users from even the most advanced attacks. The two companies expect to deliver this capability by the end of 2017.

Copyright © 2017 IDG Communications, Inc.
