Microsoft announced that Windows Defender Advanced Threat Protection (ATP), which appeared simultaneously with Windows 10 Fall Creators Update, helps companies reduce the time to identify and investigate attacks on corporate networks. At the core of Windows Defender ATP are cloud technologies that connect security systems to a single network. Coordination of their work is simplified thanks to the management console, which gives the administrator a complete picture of what is happening.

To distinguish real security threats from false positives of antiviruses and firewalls is a difficult task, which is further complicated in large corporate networks. Windows Defender Advanced Threat Protection helps identify and investigate incidents, and with the latest update in its arsenal included a tool based on artificial intelligence.

The technology of automatic investigation of incidents using artificial intelligence is based on the decision of Hexadite, which joined Microsoft in June 2017. Now Windows Defender ATP can not only detect threats, but also automatically investigate them, and also provide security services with information about what actions should be taken to resolve the incident and eliminate the vulnerability.

"Our goal is to bring security to the next level and give our clients a means of protection and detection with which they can always respond to any challenges that the ever-changing world of cyberthreats will give them," said Terry Myerson, vice president of Windows and Devices Group.

Windows Defender ATP is already installed on more than 2 million devices, and daily processes about 970 million events related to security.