Initially, Advanced Threat Protection (ATP) was introduced only on systems shipped with Microsoft's latest operating system, Windows 10, but it will soon be included in previous versions as well, at least on systems with Windows 7 and Windows 8.1.

The suite includes security and protection services and helps systems block and defend against emerging and sophisticated attacks. Used at full capacity, the tools can detect 0-day attacks and prevent data breaches.

Why is this relevant for businesses?

Many businesses use Windows as the main operating system on their organization's computers. Since Windows XP was declared obsolete and no further support is offered, most companies have migrated to newer versions: Windows Vista, 7, 8.1 or, in the best case, Windows 10.

Keeping in mind the operating system distribution in organizations and the importance given to threats in an organizational context, it is relevant to have this kind of protection to help face the issues most critical to business operations and avoid operational disruptions from 0-day attacks and data breaches, which is especially relevant with the introduction of GDPR.

Some of the recent breaches that could potentially have been minimized with the use of this kind of tool:

OnePlus: exposing 40,000 customers' data in 2017

Equifax: exposing 143 million records of American citizens in 2017

Uber: exposing 56 million PII records and 600,000 drivers' data in 2016

Microsoft plans to extend ATP to support systems with Windows 7 and Windows 8.1, especially the endpoint protection and response functionality (EDR). Beta versions will be available for users willing to evaluate the functionality offered before it reaches the mass market.

It’s worth mentioning that Microsoft announced a cybersecurity partnership to extend ATP protection and safeguards to non-Windows devices. In the same context, other providers with similar products already offer monitoring of and response to threats targeting iOS, Android, macOS and Linux devices.

Security Information reflections by me:

Threat Landscape: “Provides an overview of threats, together with current and emerging trends” (ENISA)

As security professionals, it’s always important to keep an open mind and our eyes open, regardless of software provider preferences, to all threats and emerging trends in IT and… their impact on the business landscape.

Being conscious that not all organizations have the capacity to react with an operating system upgrade at organization level, one security control that could “mitigate” the impact of not rolling out a new OS yet would be implementing additional controls, just like this one.

This technology only supports the “security in layers” principle, because even with the best and latest technology, no facility or device is 100% secure.

We can only try to anticipate events and be better prepared with tools, methods and processes to improve our security posture.