To ward off new-age ransomware attacks like ‘Petya’, which has affected several companies and institutions around the world, Microsoft has announced that it will infuse artificial intelligence (AI) into its antivirus stack. In the upcoming Windows Fall Creators Update, the company will power Windows Defender Advanced Threat Protection (Windows Defender ATP) with its cloud-based security intelligence.
“It moves us from a world of isolated defences to a smart, interconnected and coordinated defence grid that is more intelligent, simple to manage, and ever-evolving,” Avi Sagiv, Principal Programme Manager, Windows Defender ATP at Microsoft, said in a blog post. “Our initial focus was to reduce the time it takes companies to detect, investigate, and respond to advanced attacks. We offer a set of new prevention capabilities designed to stop attacks as they happen and before they have impact,” he added.
The Petya attack hit dozens of companies and institutions around the world, beginning with Russia and Ukraine on Tuesday and spreading to Asia, Australia and the US.
“We will also provide a single pane of glass experience for security professionals. This means that security management teams can easily configure a broad set of Windows security stack technologies through an integrated configuration management experience.”
This will not only give companies a full picture of what’s happening on their endpoints, but will also put them in the driver’s seat to quickly react to threats as they happen. “Leveraging our cloud-based security intelligence gives the optics, context, and tools that companies need to quickly investigate and remediate incidents,” Microsoft added.
The update will include “Windows Defender Exploit Guard”, which gives companies more control over how code runs on their networks. For example, users will be able to update and run machine scans using Windows Defender Antivirus, restrict applications per machine, and block execution of unknown files using “Device Guard” technology.
Customers can monitor overall endpoint security health, quickly identify weak spots in their network, and take the necessary resolution actions. “Windows Defender ATP will help identify vulnerable areas in endpoints by providing protection score across a wide set of Windows security technologies,” Sagiv posted. For those running Windows 10, the update will develop a signature for a new cyber threat so that other users, as well as the first victim, can be protected.