Azure Security Center integration with Windows Defender ATP - Preview available!

Published May 10 2018 02:03 AM 7,195 Views

We recently announced that Windows Defender ATP is integrating with Azure Security Center (ASC), to provide a comprehensive server protection solution, including Endpoint Detection and Response (EDR) capabilities on Windows Servers.

ASC now harnesses the power of WDATP to provide improved threat detection for Windows Servers, Microsoft’s vast threat intelligence enables WDATP to identify and notify you of attackers’ tools and techniques, so you can understand threats and respond; to uncover more information about a breach, you can explore the details in the interactive Investigation Path within Security Center blade.





The following capabilities are available as part of this preview:

  • Automated onboarding - WDATP sensor is automatically enabled on Servers onboarded to ASC
  • Single pane of glass –
    • WDATP alerts are available in the ASC console
    • Servers monitored by ASC are also visible in WDATP - ASC seamlessly connects to the customer WDATP tenant to provide a single view across clients and servers
  • Detailed machine investigation – ASC customers can access WDATP console to perform detailed investigation to uncover scope of breach


If you’re already using ASC – these capabilities will be enabled over the next several weeks, WDATP will be automatically enabled for Azure and on-premises Windows Servers that are onboarded to ASC.


In case you aren’t currently using ASC, click here to try it out.  



Thank you!

The Windows Defender ATP & Azure Security Center Teams

Version history
Last update:
‎May 10 2018 03:12 AM
Updated by: