Implement Microsoft Defender for Endpoint
Microsoft Defender for Endpoint (formerly Windows Defender Advanced Threat Protection) is a security platform built into Windows 10 and integrated with Microsoft cloud-based security services. Table 3-4 describes some of the capabilities built into Microsoft Defender for Endpoint.
TABLE 3-4 Capabilities of Microsoft Defender for Endpoint
| Capability | Description |
| Attack surface reduction | Helps reduce the attack surface of a computer, its applications, and the data it consumes by implementing several Windows Defender ATP features. |
| Endpoint detection and response | Continuously monitors your organization’s endpoints for possible attacks against devices or networks in your organization and provides you with the features you can use to mitigate and remediate threats. |
| Automated investigation and remediation | Offers automatic investigation and remediation capabilities that help reduce the volume of alerts and actions an administrator needs to perform to fix breaches. |
| Secure score | Enables you to assess the security posture of your organization and identify devices that might need attention, as well as recommendations for actions to improve your score. |
| Management and APIs | Provides a means for you to interact with the platform by providing APIs. |
Need More Review? Overview of Microsoft Defender for Endpoint Capabilities
To learn more about the capabilities of Microsoft Defender for Endpoint, refer to the Microsoft website at https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.
Microsoft Defender for Endpoint integrates many of the security features we have already discussed to help you secure your devices.
Requirements
To use Microsoft Defender for Endpoint, you require one of the following Microsoft Volume licensing options:
- Windows 10 Enterprise E
- Windows 10 Education A
- Microsoft 365 E5 (M365 E5), which includes Windows 10 Enterprise E
- Microsoft 365 A5 (M365 A5)
- Microsoft 365 E5 Security
- Microsoft 365 A5 Security
- Microsoft Defender for Endpoint
The portal
You use the Microsoft Defender Security Center portal to manage Microsoft Defender for Endpoint settings and to view reports and alerts. You can access the portal at https://securitycenter.windows.com.
Need More Review? Microsoft Defender for Endpoint Portal Overview
To learn how to use the portal, refer to the Microsoft website at https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/portal-overview.
