Overview of Windows Defender ATP capabilities

Applies to:

Understand the concepts behind the capabilities in Windows Defender ATP so you take full advantage of the complete threat protection platform.


In this section

Topic Description
Attack surface reduction Leverage the attack surface reduction capabilities to protect the perimeter of your organization.
Next generation protection Learn about the antivirus capabilities in Windows Defender ATP so you can protect desktops, portable computers, and servers.
Endpoint detection and response Understand how Windows Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
Automated investigation and remediation In conjunction with being able to quickly respond to advanced attacks, Windows Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
Secure score Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
Advanced hunting Use a powerful search and query language to create custom queries and detection rules.
Management and APIs Windows Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
Microsoft Threat Protection Microsoft security products work better together. Learn about other security capabilities in the Microsoft threat protection stack.
Portal overview Learn to navigate your way around Windows Defender Security Center.