Get started with Windows Defender Advanced Threat Protection
Learn about the minimum requirements and initial steps you need to take to get started with Windows Defender ATP.
The following capabilities are available across multiple products that make up the Windows Defender ATP platform.
Threat & Vulnerability Management
Effectively identifying, assessing, and remediating endpoint weaknesses is pivotal in running a healthy security program and reducing organizational risk. This infrastructure correlates endpoint detection and response (EDR) insights with endpoint vulnerabilities real-time, thus reducing organizational vulnerability exposure and increasing threat resilience.
Attack surface reduction
The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations.
Next generation protection
To further reinforce the security perimeter of your network, Windows Defender ATP uses next generation protection designed to catch all types of emerging threats.
Endpoint detection and response
Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
Auto investigation and remediation
In conjunction with being able to quickly respond to advanced attacks, Windows Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
Windows Defender ATP provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network.
Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Windows Defender Security Center.
Management and APIs
Integrate Windows Defender Advanced Threat Protection into your existing workflows.
Microsoft threat protection
Bring the power of Microsoft Threat Protection to your organization.
In this section
|Minimum requirements||Learn about the requirements for onboarding machines to the platform.|
|Validate licensing and complete setup||Get guidance on how to check that licenses have been provisioned to your organization and how to access the portal for the first time.|
|Preview features||Learn about new features in the Windows Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience.|
|Data storage and privacy||Explains the data storage and privacy details related to Windows Defender ATP.|
|Assign user access to the portal||Set permissions to manage who can access the portal. You can set basic permissions or set granular permissions using role-based access control (RBAC).|
|Evaluate Windows Defender ATP||Evaluate the various capabilities in Windows Defender ATP and test features out.|
|Access the Windows Defender Security Center Community Center||The Windows Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product.|
Send feedback about: