Microsoft Taps Security Partners for Windows Defender ATP
By Kurt Mackie
November 09, 2017
Security software providers Bitdefender, Lookout and Ziften are partnering with Microsoft to integrate the company's Windows Defender Advanced Threat Protection (ATP) service into their respective threat protection services.
Windows Defender ATP is Microsoft's post-breach analysis service that uses machine learning and expert analysis to provide security forensics information for organizations. It also will get autoremediation capabilities later this year.
The partnerships announced Wednesday will light up Windows Defender Security Center as a single pane for viewing security analyses coming from Windows Defender ATP, as well as from security partner solutions.
Bitdefender, Lookout and Ziften are "the first of several strategic partnerships coming for Windows Defender ATP," Microsoft's announcement stated. Currently their integrated solutions are available at the preview stage.
Bitdefender GravityZone Cloud is integrated with Windows Defender ATP at the public preview stage, adding protection for Mac and Linux devices. The Bitdefender GravityZone Cloud service applies machine learning to "predict and block advanced attacks," according to Bitdefender's description. Users can "view comprehensive threat intelligence information on malware and suspicious files, such as threat type, threat category, and many other relevant details," Microsoft's announcement indicated.
The Lookout Mobile Endpoint Security integration with Windows Defender ATP is at the preview stage and will add protection for Android and iOS mobile devices. It specifically adds protections for "app, device, network and web and content vectors." When integrated, users will see analytics and alerts in the Windows Defender ATP console. Lookout expects the integrated products will be "generally available by early 2018," but it's possible to sign up for an early preview, according to Lookout's announcement.
Ziften also is offering a preview (with sign-up) of its Windows Defender ATP integration. The integration of the Ziften Zenith systems and security operations platform provides added protection against advanced attacks on macOS and Linux devices. It adds "post-breach detection, investigation, and response to any asset, anywhere," according to Ziften's announcement.
Windows Defender ATP can track individual device event history "for up to six months," according to Microsoft. Organizations also can search this historical data "across all their endpoints."
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.