Cloud protection and Microsoft Defender Antivirus
Applies to:
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender Antivirus
Platforms
- Windows
Next-generation technologies in Microsoft Defender Antivirus provide near-instant, automated protection against new and emerging threats. To identify new threats dynamically, next-generation technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models. Cloud protection works together with Microsoft Defender Antivirus to deliver accurate, real-time, and intelligent protection.
Tip
We recommend keeping cloud protection turned on. To learn more, see Why cloud protection should be enabled for Microsoft Defender Antivirus.
How cloud protection works
Microsoft Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhance standard real-time protection. With cloud protection, next-generation technologies provide rapid identification of new threats, sometimes even before a single endpoint is infected.
The following blog posts illustrate how cloud protection works:
Why Microsoft Defender Antivirus is the most deployed in the enterprise
Behavior monitoring combined with machine learning spoils a massive coin-mining campaign
Detonating a bad rabbit: Microsoft Defender Antivirus and layered machine learning defenses
Note
The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. As a cloud service, it is not simply protection for files stored in the cloud; instead, the cloud service uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional security intelligence updates.
How to get cloud protection
Cloud protection is enabled by default. However, you might need to re-enable it if it has been disabled as part of previous organizational policies. To learn more, see Turn on cloud protection.
If your subscription includes Windows 10 E5, you can take advantage of emergency dynamic intelligence updates, which provide near real-time protection from emerging threats. When you turn on cloud protection, fixes for malware issues can be delivered via the cloud within minutes, instead of waiting for the next update. See Configure Microsoft Defender Antivirus to automatically receive new protection updates based on reports from our cloud service.
Next steps
Now that you have an overview of cloud protection in Microsoft Defender Antivirus, here are some next steps:
See Why cloud protection should be enabled for Microsoft Defender Antivirus.
Proceed to Enable cloud protection
Tip
If you're looking for Antivirus related information for other platforms, see:
- Set preferences for Microsoft Defender for Endpoint on macOS
- Microsoft Defender for Endpoint on Mac
- macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune
- Set preferences for Microsoft Defender for Endpoint on Linux
- Microsoft Defender for Endpoint on Linux
- Configure Defender for Endpoint on Android features
- Configure Microsoft Defender for Endpoint on iOS features
Feedback
Submit and view feedback for