Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) has rapidly evolved with new protection, detection, and investigation capabilities. But customers continue to ask about web protection with questions like “How can we manage web threats?” and “How can Microsoft Defender ATP help us protect web browsing activities?”
In response to these inquiries, we are today giving customers more visibility into web threats affecting their network through the new web protection report which complements existing alerts for web threats, machine timeline events, and detailed domain/URL profiles. Existing Microsoft Defender ATP customers with preview features turned on are now able to experience this enhanced visibility in Microsoft Defender Security Center.
Web protection leverages existing network protection capabilities to secure your devices against web threats without relying on a web proxy, providing security for devices that are either outside the network or on premises. It integrates with Microsoft Edge as well as popular third-party browsers (such as Chrome, Firefox, etc.), to stop access to phishing sites, malware vectors, exploit sites, untrusted or low-reputation sites, as well as sites that are blocked in your custom indicator list.
Web protection provides both security administrators and security operations:
Monitor web browsing security
To help you monitor web browsing security, web protection delivers detection statistics on two interactive cards under Reports > Web protection in the Microsoft Defender Security Center:
Respond to web threats with alerts
Web protection empowers security operations by allowing them to efficiently investigate and respond to web threat detections surfaced as Microsoft Defender ATP alerts. Each alert provides the following information:
For information about web threat protection in Microsoft Defender ATP, see web protection documentation.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.