What Is Microsoft Defender Advanced Threat Protection and How to Use It

Daisy updated on Jan 11, 2024

Windows Defender Advanced Threat Protection gives Windows users a unified security platform. It has many features, such as hardware-based isolation and antivirus. The main goals of Windows Defender ATP are threat detection, analytics, and automated response, so that potential breaches are identified before they happen and actual breaches are handled as quickly as possible once they do. There are three levels of service. It protects against host intrusions and against fileless and file-based attacks, and attempts to manage programs on the top layer. All of this is made possible by Microsoft's next-generation antimalware technology.

What is Microsoft Defender Advanced Threat Protection

Microsoft Defender Advanced Threat Protection helps enterprise networks prevent, detect, investigate, and respond to sophisticated attacks. It combines technology built into Windows 10 with Microsoft's cloud service. Its primary activities are threat intelligence, cloud security analytics, and endpoint behavioral sensors. Because it is hosted in the cloud, Microsoft Defender ATP is agentless and needs no deployment or infrastructure. It relies on "endpoint behavioral sensors," which are found in each device's operating system. These Windows sensors continuously gather data and send it back to your company's own Microsoft Defender cloud instance. Microsoft Defender ATP then examines the behavior of the programs running on your company's machines to see whether anything appears to pose a threat.

How to Set up Microsoft Defender Advanced Threat Protection

With Microsoft Defender Advanced Threat Protection, you can leverage the power of the cloud to defend against threats that are becoming more sophisticated and prevalent. With a cloud security system that can handle the most demanding analytical workloads, you can identify and investigate security incidents within your company. The steps for setting up Microsoft Defender Advanced Threat Protection are provided below.

Step 1. Search on Google for Microsoft Endpoint Manager (https://endpoint.microsoft.com).


Step 2. Then click on "Endpoint security > Antivirus." Using the Microsoft Defender Antivirus profile type, choose an "existing policy" or create a "new policy."


Step 3. For Threat History, click "Report file." You can eliminate any threat if you locate it.


Step 4. Confirm that the following settings are configured: Microsoft Defender Antivirus Extended Timeout in Seconds set to "50," Cloud-delivered Protection Level set to "High," and Turn on Cloud-delivered Protection set to "Yes."
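
To confirm on an endpoint that the Step 4 values actually arrived, the following added example (not part of the original article or Microsoft's own tooling) compares the output of the Get-MpPreference cmdlet with those values. The function name Test-CloudProtectionPolicy is hypothetical, and the mapping of the three portal settings to the CloudExtendedTimeout, CloudBlockLevel and MAPSReporting properties is this example's assumption.

```powershell
# Added example: compare an endpoint's Defender preferences with the Step 4 values.
# Expected values come from Step 4; the property mapping is this example's assumption.
$Expected = [ordered]@{
    CloudExtendedTimeout = 50   # Extended Timeout in Seconds = 50
    CloudBlockLevel      = 2    # Cloud-delivered Protection Level = High (value 2)
}

function Test-CloudProtectionPolicy {
    param([Parameter(Mandatory)] $Preference)

    # One finding per setting that must match an exact value.
    $findings = @(foreach ($name in $Expected.Keys) {
        [pscustomobject]@{
            Setting   = $name
            Expected  = $Expected[$name]
            Actual    = $Preference.$name
            Compliant = ($Preference.$name -eq $Expected[$name])
        }
    })

    # Turn on Cloud-delivered Protection = Yes: MAPSReporting must not be 0 (disabled).
    $maps = $Preference.MAPSReporting
    $findings += [pscustomobject]@{
        Setting   = 'MAPSReporting'
        Expected  = '1 or 2'
        Actual    = $maps
        Compliant = ($null -ne $maps -and $maps -ne 0)
    }
    $findings
}

# Constructed sample: an endpoint where the timeout setting has not applied yet.
$sample = [pscustomobject]@{
    CloudExtendedTimeout = 0
    CloudBlockLevel      = 2
    MAPSReporting        = 2
}
Test-CloudProtectionPolicy -Preference $sample | Format-Table -AutoSize

# On a live Windows endpoint with the Defender module, check the real values too.
if (Get-Command Get-MpPreference -ErrorAction SilentlyContinue) {
    Test-CloudProtectionPolicy -Preference (Get-MpPreference) | Format-Table -AutoSize
}
```

A row with Compliant set to False means the policy has not reached the device or is being overridden by another policy source.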



In a nutshell, Windows Defender ATP is a cloud-based threat management and protection solution for Windows 10 that is compatible with third-party antivirus and does not require the deployment of agents (since they are inbox features).

Microsoft markets ATP to businesses, but considering that it integrates with its other products and is entirely hosted in the cloud, it ought to be available to everyone.
