Overview of Microsoft Defender ATP capabilities

Applies to:

Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform.


In this section

Topic Description
Threat & Vulnerability Management Reduce organizational vulnerability exposure and increase threat resilience while seamlessly connecting workflows across security stakeholders—security administrators, security operations, and IT administrators in remediating threats.
Attack surface reduction Leverage exploit protection, attack surface reduction rules, and other capabilities to protect the perimeter of your organization. This set of capabilities also includes network protection and web protection, which regulate access to malicious IP addresses, domains, and URLs.
Next generation protection Learn about the antivirus capabilities in Microsoft Defender ATP so you can protect desktops, portable computers, and servers.
Endpoint detection and response Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
Automated investigation and remediation In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
Secure score Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
Microsoft Threat Experts Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
Advanced hunting Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
Management and APIs Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
Microsoft Threat Protection Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions.
Portal overview Learn to navigate your way around Microsoft Defender Security Center.