From securityweek.com
Microsoft has unveiled several enhancements to its Windows Defender Advanced Threat Protection (ATP) product to improve its protection capabilities.
The improvements target various aspects of the endpoint protection platform, such as attack surface reduction, post-breach detection and response, automation capabilities, security insights, and threat hunting, Moti Gindi, General Manager, Windows Cyber Defense, explains.
Windows Defender ATP now has new attack surface reduction rules, designed to prevent Office communication applications (including Outlook) and Adobe Acrobat Reader from creating child processes. The new rules should help prevent a variety of attacks, such as those using macro and vulnerability exploits.
However, the company also added improved customization for exclusions and allow lists, which can be applied to folders and even individual files, GindiĀ reveals.