Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
Designed for enterprise networks, Microsoft Defender for Endpoint is a robust endpoint security platform that helps prevent, detect, investigate, and respond to advanced threats. The platform employs a combination of technology, which includes endpoint behavioral sensors embedded in Windows 10, cloud security analytics that leverage big data and machine learning, and threat intelligence generated by Microsoft hunters and security teams, as well as partner-provided intelligence. By collecting and processing behavioral signals from the operating system, the sensors send this data to the private, isolated cloud instance of Microsoft Defender for Endpoint, where it is translated into insights, detections, and recommended responses to advanced threats. This enables the platform to identify attacker tools, techniques, and procedures, and generate alerts when they are observed in collected sensor data.