Overview of attack surface reduction capabilities

Applies to:


Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Attack surfaces are all the places where your organization is vulnerable to cyberthreats and attacks. Defender for Endpoint includes several capabilities to help reduce your attack surfaces. Watch the following video to learn more about attack surface reduction.

Resources to learn more about attack surface reduction

As mentioned in the video, Defender for Endpoint includes several attack surface reduction capabilities. Use the following resources to learn more:

Article Description
Hardware-based isolation Protect and maintain the integrity of a system as it starts and while it's running. Validate system integrity through local and remote attestation. Use container isolation for Microsoft Edge to help guard against malicious websites.
Application control Use application control so that your applications must earn trust in order to run.
Controlled folder access Help prevent malicious or suspicious apps (including file-encrypting ransomware malware) from making changes to files in your key system folders (Requires Microsoft Defender Antivirus)
Network protection Extend protection to your network traffic and connectivity on your organization's devices. (Requires Microsoft Defender Antivirus)
Exploit protection Help protect the operating systems and apps your organization uses from being exploited. Exploit protection also works with third-party antivirus solutions.
Attack surface reduction rules Reduce vulnerabilities (attack surfaces) in your applications with intelligent rules that help stop malware. (Requires Microsoft Defender Antivirus).
Device control Protects against data loss by monitoring and controlling media used on devices, such as removable storage and USB drives, in your organization.