Windows Defender Advanced Threat Protection

Detect, investigate and respond to advanced attacks.

start trialRequest a quote
ImageImageImageImageWindows Defender ATP app screenshot on generic device
Security shield icon

Post-breach detection, investigation and response

Even the best endpoint defenses will be breached eventually, as cyberattacks become more sophisticated and targeted. Windows Defender Advanced Threat Protection (ATP) helps our enterprise customers detect, investigate, and respond to advanced attacks and data breaches on their networks.

ImageImageImageImageWindows Defender ATP app screenshot on generic device

Detect Attacks

Detect attacks and zero days using advance behavioral analytics and Machine Learning.

Uncover scope of breach

Visually investigate forensic evidence across your endpoints to easily uncover scope of breach.

Interactively hunt

Instantaneously search and explore 6 months of historical data across endpoints.

Respond and remediate

Quickly respond to contain the attack and prevent reoccurrence.

ImageImageImageImageProtect icon

Protect

Today’s cloud-first, mobile-first world demands the highest level of identity & data security.

Windows Defender Advanced Threat Protection

ImageImageImageImageCloud detect icon

Detect

Comprehensive monitoring tools to help you spot abnormalities and respond to attacks faster.

ImageImageImageImageRespond icon

Respond

Leading response and recovery technologies plus deep consulting expertise.

The Windows Defender ATP Advantage

Detecting the undetectable

Sensors built deep into the operating system kernel, Windows security experts, and unique optics from over 1B machines and signals across all Microsoft services.

Built in, not bolted on

Agentless with high performance and low impact, cloud-powered; easy management with no deployment.

Single pane of glass for windows security

Explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Windows Defender Antivirus and Device Guard.

The power of the Microsoft graph

Leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks.

Windows 10 Creators Update advances security and best-in-class modern IT tools

What's new in Windows Defender ATP

How we protect your business from advanced threats

Windows Defender ATP combines sensors built-in to the operating system with a powerful security cloud service enabling Security Operations to detect, investigate, contain, and respond to advanced attacks against their network.

ImageImageImageImageATP icon

Agentless, built into the OS

Windows Defender Advanced Threat Protection (ATP) is powered by behavioral sensors built into Windows 10.

ImageImageImageImageCloud icon

Powered by the Cloud

The security analytics cloud detects attacks that have made it past all other defenses, using behavioral and Machine Learning detections over new and historical information to identify attacks.

ImageImageImageImagePeople icon

Unparalleled Expertise and Data

Fueled by a combination of unparalleled threat optics and deep OS security and big data expertise.

Looking for mobile solutions for your industry?

view industry solutions
ImageImageImageImageBusinessman typing at a desktop computer

Windows Defender ATP Research

Read the research
ImageImageImageImageScreenshot from Windows Defender ATP

Uncovering cross-process injection with Windows Defender ATP

Read the story
ImageImageImageImageRansomware graph

Post Breach Dealing with Advanced Threats Whitepaper

Advanced Threats white paper
ImageImageImageImageClose up view of keys on keyboard, backlit by light

The New Post-Breach Approach to Endpoint Security

Watch the webcast