Evaluate Microsoft Defender Antivirus

Important

Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender Advanced Threat Protection. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future.

Applies to:

Use this guide to determine how well Microsoft Defender Antivirus protects you from viruses, malware, and potentially unwanted applications.

Tip

You can also visit the Microsoft Defender ATP demo website at demo.wd.microsoft.com to confirm the following features are working and see how they work:

  • Cloud-delivered protection
  • Fast learning (including Block at first sight)
  • Potentially unwanted application blocking

It explains the important next-generation protection features of Microsoft Defender Antivirus available for both small and large enterprises, and how they increase malware detection and protection across your network.

You can choose to configure and evaluate each setting independently, or all at once. We have grouped similar settings based upon typical evaluation scenarios, and include instructions for using PowerShell to enable the settings.

The guide is available in PDF format for offline viewing:

You can also download a PowerShell that will enable all the settings described in the guide automatically. You can obtain the script alongside the PDF download above, or individually from PowerShell Gallery:

Important

The guide is currently intended for single-machine evaluation of Microsoft Defender Antivirus. Enabling all of the settings in this guide may not be suitable for real-world deployment.

For the latest recommendations for real-world deployment and monitoring of Microsoft Defender Antivirus across a network, see Deploy Microsoft Defender Antivirus.