Microsoft provides users of Windows 10 with Windows Defender built in. They say that 96% of malware is polymorphic. This means that a given sample is experienced by a single user and a single device before it gets replaced by another one. This is where Windows Defender Advanced Threat Protection (ATP) comes into the picture, because it fixes your files and these exploits in real time when you are online.
Windows Defender is the most deployed solution in enterprise
As for how it started, Microsoft states that their antivirus capabilities are being improved day by day. By mid-2015, they were scoring 85% – 100% on their Prevalence Tests. In December 2017, they reached a milestone on AV-TEST, where they achieved a perfect score in Prevalence and Real-World based tests. They published a chart for the performance measured on Windows 7 as well.
Starting in 2018, they achieved another major milestone, where they detected all the malware samples consecutively for 5 months. This beats their previous milestone, which was 100% blocking of malware for four months consecutively. They even published a chart of the AV-TEST results as proof.
They also talked about how these tests are carried out. They said:
While independent antivirus tests are one indicator of a security solution’s capabilities and protections, it’s important to understand that this is only one part of a complete quality assessment.
For example, in the case of Windows Defender ATP (which integrates our antivirus capabilities and the whole Windows security stack), our customers have a much larger set of protection features – none of which are factored into the tests. These features provide additional layers of protection that help prevent malware from getting onto devices in the first place. These features include the following:
- Windows Defender System Guard
- Windows Defender Application Guard
- Windows Defender Application Control
- Windows Defender Exploit Guard.
If organizations like AV-Comparatives and AV-TEST performed complete security stack tests (i.e., testing against the complete endpoint protection solution) the results would often tell a very different story. For example, in November, we scored a 98.9% based on a single file miss on the Real-World test. The good news, however, is that we would have scored 100% if either Windows Defender Application Guard or Application Control was enabled.
You can learn more about Windows Defender and how good it is in their official post.