{"id":81089,"date":"2018-03-22T09:58:23","date_gmt":"2018-03-22T16:58:23","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=81089"},"modified":"2023-05-15T23:12:50","modified_gmt":"2023-05-16T06:12:50","slug":"why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/03\/22\/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise\/","title":{"rendered":"Why Windows Defender Antivirus is the most deployed in the enterprise"},"content":{"rendered":"

Statistics about the success and sophistication of malware can be daunting. The following figure is no different: Approximately 96%<\/strong> of all malware is polymorphic<\/a> \u2013 meaning that it is only experienced by a single user and device before it is replaced with yet another malware variant. This is because in most cases malware is caught nearly as fast as it\u2019s created, so malware creators continually evolve to try and stay ahead. Data like this hammer home how important it is to have security solutions in place that are as agile and innovative as the attacks.<\/p>\n

The type of security solution needed has a complex job: It must protect users from hundreds of thousands of new threats every day<\/em> \u2013 and then it must learn and grow to stay ahead of the next wave of attacks. The solution cannot just react to the latest threats; it must be able to predict and prevent malware infections.<\/p>\n

Over the last year, we\u2019ve talked about how we\u2019re investing in new innovations to address this challenging threat landscape, what we\u2019ve delivered, and how it will change the dynamics. Today, I want to share the results<\/em> of our new antivirus capabilities<\/a> in Windows Defender Advanced Threat Protection (Windows Defender ATP<\/a>) which are genuinely incredible because they will directly benefit the work you are doing.<\/p>\n

Currently, our antivirus capabilities on Windows 10 are repeatedly earning top scores on independent tests, often outperforming the competition. This performance is the result of a complete redesign of our security solution.<\/p>\n

What\u2019s more, this same technology is available for our Windows 7 customers as well, so that they can remain secure during their transition to Windows 10.<\/p>\n

It started back in 2015<\/h2>\n

We\u2019ve been working to make our antivirus capabilities increasingly more effective, and in 2015 our results in two major independent tests (AV-Comparatives<\/a> and AV-TEST<\/a>) began to improve dramatically. As you can see in the chart below, beginning in March 2015 our scores on AV-TEST<\/a> began to rise rapidly, and, over the course of the next five months, we moved from scores averaging 85%<\/strong> on their Prevalence Test to (or near) 100%<\/strong>.\u00a0 Since then, we\u2019ve maintained those types of scores consistently.\u00a0 Our scores on AV-Comparatives<\/a> experienced a very similar spike, trajectory, and results.<\/p>\n

\"Our<\/p>\n

In December 2017, we reached another milestone on AV-TEST, where we achieved a perfect score<\/strong> across both the Prevalence and Real-World based tests. Previously we had only scored a perfect 100% on one of the two tests for a given month. The following chart<\/a> from the AV-TEST site shows our scores from November and December 2017 on Windows 7. These same scores are also applicable to Windows 10, which shares the same technology (and more).<\/p>\n

\"These<\/p>\n

For AV-Comparatives, we recently achieved another important quality milestone:\u00a0 For five consecutive months we detected all malware samples<\/strong>. \u00a0Our previous best was four consecutive months. The AV-Comparatives chart below shows our February 2018 results where we scored a perfect 100% block rate.<\/p>\n

\"FebruaryFebruary 2018 results where we scored a perfect 100% block rate.<\/p>\n

While independent antivirus tests are one indicator of a security solution\u2019s capabilities and protections, it\u2019s important to understand that this is only one part of a complete quality assessment.<\/p>\n

For example, in the case of Windows Defender ATP<\/a> (which integrates our antivirus capabilities and the whole Windows security stack), our customers have a much larger set of protection features \u2013 none of which are factored into the tests.\u00a0 These features provide additional layers of protection that help prevent malware from getting onto devices in the first place. These features include the following:<\/p>\n