Microsoft Defender for Endpoint P2 (NCE)

Microsoft Defender for Endpoint is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

It uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service:

  • Endpoint behavioral sensors: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and sends this sensor data to your private, isolated, cloud instance of Microsoft Defender ATP.

  • Cloud security analytics: Leveraging big-data, machine-learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (such as Office 365), and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.

  • Threat intelligence: Generated by Microsoft hunters, security teams, and augmented by threat intelligence provided by partners, threat intelligence enables Microsoft Defender ATP to identify attacker tools, techniques, and procedures, and generate alerts when these are observed in collected sensor data.

Microsoft Defender for Endpoint:

  • Threat and Vulnerability Management.
  • Tools to surgically reduce the attack surface.
  • Next-generation protection to block threats and malware. 
  • Endpoint detection and response to detect advanced attacks.
  • Automated investigation and remediation of threats.
  • Managed threat-hunting service.

 

You can find more information here.