Windows 10 “Creators Update”

Windows 10 “Creators Update”

What is the Windows 10 “Creators Update” ?

Businesses are upgrading to Windows 10 at an incredible pace, with a 3X increase in Windows 10 enterprise deployments over the last six months… But what is next?

Windows 10 Creators Update will deliver new features and capabilities for modern IT and bring even more security advancements to enterprise customers as CxOs and IT drive digital transformation to better optimise operations, enhance productivity and maintain the most secure environment possible without the need for multiple 3rd party apps and services. Highlights include:

Security intelligence across devices, networks and the cloud

The cyber threat landscape today requires an ongoing and relentless focus on security. Windows 10 “Creators Update” will continue to bring new security capabilities enabling IT to better protect, defend and respond to threats on their networks, IoT and devices. Microsoft are making it easier to monitor, track and act by creating one view of Windows 10 security events in the centralised portal called the Windows Security Centre. The Windows Security Centre will link to Office 365 Advanced Threat Protection, via the Microsoft Intelligent Security Graph, to allow IT to easily follow an attack across endpoints and email in a seamless and integrated way.

Enriched Detection

The methods and means attackers use are increasingly varied, complex and well-funded. With the “Creators Update”, Microsoft will be expanding Windows Defender ATP sensors to detect threats that persist only in memory or kernel level exploits. This will enable IT to monitor loaded drivers and in-memory activities, and to detect various patterns of injection, reflective loading, and in-memory modifications indicating potential kernel exploits.

Enriched Intelligence

Microsoft already add on to their Threat Intelligence (TI) with industry partners like FireEye iSIGHT Threat Intelligence. In the Creators Update, Microsoft will enable IT to feed their own intelligence into the Windows Security Centre for alerts on activities based on their own indicators of compromise. This added level of insight will enrich machine learning models to identify and block malware more quickly and better protect their unique environment.

Enhanced Remediation

New remediation actions are also on their way in Windows Defender ATP that will give IT the tools to isolate machines, collect forensics, kill and clean running processes and quarantine or block files with a single click in the Windows Security Centre and further reduce response time.

Rob Quickenden, Chief Strategy Officer at Cisilion