Microsoft Defender Advanced Threat Protection Evaluation Lab Now Available
The Microsoft Defender Advanced Threat Protection (ATP) Evaluation Lab is now ready for use by organizations.
The lab has reached "general availability" status, Microsoft announced on Wednesday. It means the lab is deemed ready for use by organizations to assess Microsoft's top-of-the-line bundle of security services.
Microsoft Defender ATP (formerly called "Windows Defender ATP") isn't for everyone. Organizations will need a Windows E5 or Microsoft 365 E5 subscription to use it, which are licenses at the top of Microsoft's pricing list. With the new lab, though, Microsoft is making it easier for organizations to evaluate this security suite before buying the licensing.
Essentially, IT pros can get a preprovisioned lab to test Microsoft Defender ATP in about "30 minutes," without having to install anything. The lab supports up to three Windows 10 PCs in a virtual network that gets set up by Microsoft, which can be accessed via Remote Desktop Protocol.
The Microsoft Defender ATP service has various components. It can be used to assess endpoint security and reduce attack surfaces. It has some automated remediation capabilities, plus discovery capabilities. Microsoft also recently described it having an Automated Investigation and Remediation service. There's also access to Microsoft's Security Operation Center threat-hunting expertise via a service called "Microsoft Threat Experts."
Lab testers just will get access to the following Microsoft Defender ATP capabilities, according to this Microsoft document:
In addition, the latest versions of Windows 10, Office 2019 Standard, Java, Python and Sysinternals will get provisioned for the lab users.
Testers can conduct simulated attacks within the virtual environment and see the results in a dashboard. The lab includes built-in tutorials to learn how to use the service.
There's one big catch to using the lab, as it's a very limited trial. IT pros will get a total of three days to use it (the dashboard includes a countdown timer). The lab can't be refreshed after that three-day time period, Microsoft's document explained.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.