- Windows Creators Update improves the OS memory and kernel sensors to enable detection of attackers who are employing in-memory and kernel-level attacks – shining a light into previously dark spaces where attackers hid from conventional detection tools.
- Microsoft continues to upgrade our detections of ransomware and other advanced attacks, applying our behavioral and machine-learning detection library to counter changing attack trends.
- Windows Defender Antivirus detections and Device Guard blocks are the first to surface in the Windows Defender ATP portal, interleaved with Windows Defender ATP detections.
- The alert page now includes a new process tree visualization that aggregates multiple detections and related events into a single view. This view helps security teams reduce the time to resolve cases by providing the information required to understand and resolve incidents without leaving the alert page.
- When detecting an attack, security teams can now take immediate action: isolate machines, ban files from the network, kill and quarantine running processes or files, or retrieve an investigation package from a machine to provide forensic evidence – with a click of a button.
You can register for the Creators Update trial to experience the new features listed above.