Windows Defender Advanced Threat Protection

Intelligence-driven protection, detection and response.

People in a computer lab working on Windows Defender ATP

Preventative protection, post-breach detection, investigation and response

Windows Defender Advanced Threat Protection (ATP) provides preventative protection, detects attacks and zero-day exploits, and gives you centralised management for your end-to-end security lifecycle.

Windows 10 on a Surface Book

Agentless, built into the OS

Windows 10 next-gen threat protection and post-breach detection are deeply built into the operating system.

Analytics-based, cloud-powered

Windows Defender ATP can quickly adapt to changing threats, deploy new defenses, and orchestrate remediation.

Simple pane of glass and centralised management

Manage your end-to-end security lifecycle from Security Operations to Security Administrations.

Amplified by the power of Microsoft Secure

Windows Defender ATP is a key component of the Microsoft Secure stack, amplifying security across Windows, Office and Azure.

The Windows Defender ATP advantage

Threat protection

Today's cloud-first, mobile-first world demands next-gen exploit and threat protection.


Comprehensive monitoring tools to help you spot abnormalities and respond to attacks faster.

Security posture

Track your overall security state and receive recommendations for actions to further reduce your organisation's attack surface.


Instantaneously search and explore six months of historical data across your endpoints.

We protect your business from advanced threats

Through the power of the cloud, machine learning and behaviour analytics, Windows Defender ATP provides smart, connected threat protection.

Windows Defender System Guard

Windows Defender System Guard helps maintain and validate the integrity of the devices firmware, OS and system defenses.

Windows Defender Application Guard

Protects Windows, apps, information, and the network from threats encountered while using Microsoft Edge.

Windows Defender Exploit Guard

New rich set of intrusion prevention capabilities for Windows 10 to reduce the attack and exploit surface of applications.

Windows Defender Antivirus

Detects fast-changing malware variations using behaviour monitoring and cloud-powered protection.

Windows Defender Application Control

Detects fast-changing malware variations using behaviour monitoring and cloud-powered protection.

Windows 10 Advanced Security Webinar Series

Available on demand now


Post-breach detection, investigation and response

As cyberattacks become more sophisticated, Windows Defender ATP helps you detect, investigate and respond to advanced attacks and data breaches faster. The security and privacy of our customers data is our top priority.Windows Defender ATP is ISO 27001 certified.


Detecting the undetectable

Detect attacks and zero-day exploits using advanced behavioural analytics and Machine Learning.

Uncover scope of breach

Visually investigate forensic evidence across your endpoints to easily uncover the scope of breach.

Interactively hunt

Instantaneously search and explore six months of historical data across endpoints.

Respond and remedy

Quickly respond to contain the attack and prevent reoccurrence.

The power of the Microsoft graph

Integrates detection and exploration with Office 365 ATP subscription, to track back and respond to attacks.

Windows 10 Fall Creators Update advances security and best-in-class modern IT tools

Windows 10 makes it easy to protect data at rest and in use. Windows Information Protection delivers the fundamentals you need for protecting your information.


Start your trial today

Sign up to evaluate Windows Defender ATP for your Enterprise.

Start free trial

News & Resources

Forrester logo

The Total Economic ImpactTM of Microsoft Windows Defender ATP

Read the report
Image of computer centre

Windows Defender Advanced Threat Protection Information Kit

Download the kit
Businessman typing at a desktop computer

Windows Defender ATP Research

Read the research
 Screenshot from Windows Defender ATP

Uncovering cross-process injection with Windows Defender ATP

Read the story
Ransomware graph

Post Breach Dealing with Advanced Threats Whitepaper

Read the white paper
Close up view of keys on keyboard, backlit by light

The New Post-Breach Approach to Endpoint Security

Watch the webcast

TM Forrester is a registered trademark and service mark of Forrester, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.