Windows Defender Antivirus

Applies to:

Windows Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.

Windows Defender Antivirus includes:

  • Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Windows Defender Antivirus.
  • Always-on scanning, using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection")
  • Dedicated protection updates based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research

Windows Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection. List of Windows Defender AV engines

You can configure and manage Windows Defender Antivirus with:

  • System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
  • Microsoft Intune
  • PowerShell
  • Windows Management Instrumentation (WMI)
  • Group Policy

Tip

You can visit the Windows Defender Testground website at demo.wd.microsoft.com to confirm the following features are working and see how they work:

  • Cloud-delivered protection
  • Fast learning (including Block at first sight)
  • Potentially unwanted application blocking

Note

For more information regarding what's new in each Windows version, please refer to What's new in Microsoft Defender ATP.

Minimum system requirements

Windows Defender AV has the same hardware requirements as Windows 10. For more information, see:

Functionality, configuration, and management is largely the same when using Windows Defender AV on Windows Server 2016; however, there are some differences.

Tip

You can visit the Windows Defender Testground website at demo.wd.microsoft.com to confirm the following features are working and see how they work:

  • Cloud-delivered protection
  • Fast learning (including Block at first sight)
  • Potentially unwanted application blocking