At the Ignite 2016 conference, Microsoft announced Windows Defender Application Guard for Microsoft Edge for enterprise customers. This uses virtualization-based security technology to protect against advanced attacks that can infiltrate your network and devices via the Internet beyond the kernel level. “This level of protection has never been more important, as the majority of attacks start in the browser,” says Microsoft.
Microsoft announced Windows Defender Advanced Threat Protection for enterprise earlier this year.
The new feature will be available for Windows Insiders in the coming months and roll out more broadly next year.
Regarding this new enterprise feature, Microsoft on the official blog, said:
Unlike other browsers that use software-based sandboxes, which still provide a pathway for malware and vulnerability exploits, Microsoft Edge’s use of Application Guard isolates the browser and employee activity using a hardware-based container to prevent malicious code from impacting the device and moving across the enterprise network.
This robust security service helps protect enterprises from malware, viruses, vulnerabilities, and even zero-day attacks. Once enabled, enterprise administrators can configure a trusted network site list policy and distribute the group policy to any devices it wishes to protect with Application Guard. Even if an untrusted site successfully loads malware, the malware is unable to reach beyond the isolated container to steal data or permanently compromise devices or the network. Once the employee exits their Microsoft Edge browsing session, any malware is erased, preventing further attacks.