Windows Defender Advanced Threat Protection

Detect, investigate and respond to advanced attacks.

start trialRequest a quote
Windows Defender ATP app screenshot on generic device

Post-breach detection, investigation and response

Even the best endpoint defenses will be breached eventually, as cyberattacks become more sophisticated and targeted. Windows Defender Advanced Threat Protection (ATP) helps our enterprise customers detect, investigate, and respond to advanced attacks and data breaches on their networks.

Windows Defender ATP app screenshot on generic device

Detect Attacks

Detect attacks and zero-day exploits using advanced behavioral analytics and Machine Learning.

Uncover scope of breach

Visually investigate forensic evidence across your endpoints to easily uncover scope of breach.

Interactively hunt

Instantaneously search and explore 6 months of historical data across endpoints.

Respond and remediate

Quickly respond to contain the attack and prevent reoccurrence.

Protect icon


Today’s cloud-first, mobile-first world demands the highest level of identity & data security.

Windows Defender Advanced Threat Protection

Cloud detect icon


Comprehensive monitoring tools to help you spot abnormalities and respond to attacks faster.

Respond icon


Leading response and recovery technologies plus deep consulting expertise.

Windows 10 Advanced Security Webinar Series

Available on demand now

Watch now

The Windows Defender ATP Advantage

Detecting the undetectable

Sensors built deep into the operating system kernel, Windows security experts, and unique optics from over 1B machines and signals across all Microsoft services.

Built in, not bolted on

Agentless with high performance and low impact, cloud-powered; easy management with no deployment.

Single pane of glass for Windows security

Explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Windows Defender Antivirus and Device Guard.

The power of the Microsoft graph

Leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks.

Windows 10 Creators Update advances security and best-in-class modern IT tools

What's new in Windows Defender ATP

How we protect your business from advanced threats

Windows Defender ATP combines sensors built-in to the operating system with a powerful security cloud service enabling Security Operations to detect, investigate, contain, and respond to advanced attacks against their network.

ATP icon

Agentless, built into the OS

Windows Defender Advanced Threat Protection (ATP) is powered by behavioral sensors built into Windows 10.

Cloud icon

Powered by the Cloud

The security analytics cloud detects attacks that have made it past all other defenses, using behavioral and Machine Learning detections over new and historical information to identify attacks.

People icon

Unparalleled Expertise and Data

Fueled by a combination of unparalleled threat optics and deep OS security and big data expertise.

Start your trial today

Sign up to evaluate Windows Defender ATP for your Enterprise.

Start free trial

News & Resources

Forrester logo

The Total Economic ImpactTM of Microsoft Windows Defender ATP

read the report
Image of computer center

Windows Defender Advanced Threat Protection Information Kit

download the kit
Businessman typing at a desktop computer

Windows Defender ATP Research

read the research
 Screenshot from Windows Defender ATP

Uncovering cross-process injection with Windows Defender ATP

Read the story
Ransomware graph

Post Breach Dealing with Advanced Threats Whitepaper

read the white paper
Close up view of keys on keyboard, backlit by light

The New Post-Breach Approach to Endpoint Security

Watch the webcast

TM Forrester is a registered trademark and service mark of Forrester, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.