Windows Defender Antivirus
July 31, 2019
• 4 min read
How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection
The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
July 25, 2019
• 4 min read
New machine learning model sifts through the good to unearth the bad in evasive malware
Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.
July 8, 2019
• 8 min read
Dismantling a fileless campaign: Microsoft Defender ATP’s Antivirus exposes Astaroth attack
Advanced technologies in Microsoft Defender ATP's Antivirus exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that ran the info-stealing backdoor Astaroth directly in memory.
June 24, 2019
• 4 min read
Inside out: Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection
While Windows Defender Antivirus makes catching 5 billion threats on devices every month look easy, multiple advanced detection and prevention technologies work under the hood to make this happen. Multiple next-generation protection engines detect and stop a wide range of threats and attacker techniques at multiple points, providing industry-best detection and blocking capabilities.
October 26, 2018
• 6 min read
Windows Defender Antivirus can now run in a sandbox
Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox.
September 27, 2018
• 16 min read
Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
Removing the need for files is the next progression of attacker techniques. While fileless techniques used to be employed almost exclusively in sophisticated cyberattacks, they are now becoming widespread in common malware, too.
September 12, 2018
• 10 min read
Office VBA + AMSI: Parting the veil on malicious macros
As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface (AMSI), enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Macro-based threats have always been a prevalent entry point for malware, but we…
September 6, 2018
• 6 min read
Small businesses targeted by highly localized Ursnif campaign
In social engineering attacks, is less really more? A new malware campaign puts that to the test by targeting home users and small businesses in specific US cities. This was a focused, highly localized attack that aimed to steal sensitive info from just under 200 targets. Macro-laced documents masqueraded as statements from legitimate businesses. The documents are then distributed via email to target victims in cities where the businesses are located. With Windows Defender AV’s next gen defense, however, the size of the attack doesn’t really matter. Several cloud-based machine learning algorithms detected and blocked the malicious documents at the onset, stopping the attack and protecting customers from what would have been the payload, info-stealing malware Ursnif.
August 9, 2018
• 8 min read
Protecting the protector: Hardening machine learning defenses against adversarial attacks
Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection (Windows Defender ATP) next-generation protection to stop new malware attacks before they can get started – often within milliseconds. These predictive technologies are central to scaling protection and delivering effective threat prevention in the face of unrelenting attacker activity.…
August 7, 2018
• 3 min read
Protecting the modern workplace from a wide range of undesirable software
Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that customers have control over their devices and experiences. To…