Microsoft Brings Post-Breach Detection To Windows 10

mmoorebz writes: Microsoft is recognizing the increasingly sophisticated cyber attacks on enterprises, which is why it is taking a new approach to protect its customers. Today it announced its new post-breach enterprise security service called Windows Defender Advanced Threat Protection, which will respond to these advanced attacks on companies' networks. Attackers these days are using social engineering and zero-day vulnerabilities to break into corporate networks. According to Microsoft, thousands of attacks were reported in 2015 alone. The company found that it currently takes an enterprise more than 200 days to detect a security breach, and 80 days to contain it. When there is such a breach, the attackers can steal company data, find private information, and damage the brand and customer trust in the company.

Snort, Nagios, Fail2Ban, Wireshark, etc. etc.

Any IT Director of a mid-to-large scale environment who does not have a dedicated intrusion-detection team running open source tools should have his ass fired. Out of a cannon. Into the sun.

Pot, kettle and all that

[Opportunist]

Wouldn't the first step be to stop snooping through their user's information themselves?

Re:Vulnerabilities?

[AHuxley]

AC re 'but to my knowledge no one has ever found any." did you forget all the interesting PRISM news back in 2013?
http://www.dailymail.co.uk/new...
Microsoft handed the NSA access to encrypted messages
http://www.theguardian.com/wor...
"encryption unlocked even before official launch"
".. helped the NSA to circumvent its encryption"
"... routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport""