

Microsoft Corp. is rolling out a new security system for enterprises using its Windows 10 operating system that is claimed to be able to stop attacks as soon as they happen.
Called “Windows Defender Advanced Threat Protection,” the system monitors computers within an enterprise for signs that an attack is occurring. It alerts the designated IT manager to who is behind the attack, what happened and why, along with the best way to mitigate the attack and lock down data.
The system is powered by a combination of Windows behavioral sensors, cloud-based security analytics, threat intelligence and access to Microsoft’s intelligent security graph.
Reporting in Windows Defender Advanced Threat Protection includes the examination of machines within the enterprise network over the last six months and delivers a “simple attack timeline” that replaces the need to explore raw logs by exposing process, file, URL and network connection events for a specific machine or across the enterprise.
Interestingly, customers are not being given a choice as to whether they want the new system, as it will be “built into Windows 10,” presumably through a Windows update. The bonus is that, because it will become part of Windows itself, no additional costs or deployment effort will be required within the enterprise.
“We’re seeing increasingly brazen cyberattacks. Cybercriminals are well organized with an alarming emergence of state-sponsored attacks, cyber-espionage and cyber terror. Even with the best defense, sophisticated attackers are using social engineering and zero-day vulnerabilities to break-in to corporate networks,” Microsoft Executive Vice President (Windows and Devices Group) Terry Myerson said in a post on the Windows Experience blog.
“We’ve found it currently takes an enterprise more than 200 days to detect a security breach and 80 days to contain it. During this time, attackers can wreak havoc on a corporate network, stealing data, breaching privacy, and destroying the trust of customers…As the attackers’ approaches have evolved and become more sophisticated, so too must our approach to provide security to our enterprise customers. And, our customers agree, as 90% of surveyed IT Directors said they need a full-fledged advanced threat protection solution that identifies attacks quicker with comprehensive intelligence, and provides actionable remediation.”
Whether Windows Defender Advanced Threat Protection is any good will ultimately come down to real-world testing, but there is one bonus from it all: Windows appears to be offering it for free.
Windows 10 already includes a number of security features that Microsoft is using to sell the operating system to enterprises, including Credential Guard and Device Guard, and Windows Defender Advanced Threat Protection ultimately becomes another incentive for enterprises to upgrade their networks.