BACKGROUND IMAGE: stock.adobe.com
Windows Defender Advanced Threat Protection (ATP) is not new -- it's part of Windows 10. But Microsoft saw fit to include this security feature out of the box in Windows Server 2019.
Windows Defender ATP works with other components of the server, such as data storage and network transport, to prevent compromises by automatically blocking and terminating any threat it detects. Microsoft designed Windows Defender ATP to detect any potential attacks, including on the memory and kernel level.
Windows Defender ATP includes several prevention features to reduce an intruder's chance of success. Attack surface reduction prevents common actions executed by malware, such as API calls from a Microsoft Office macro. Network protection stops outbound processes to dangerous sites. Controlled folder access prevents untrusted processes from accessing protected folders.
Administrators can also configure exploit protection protocols, which originated in the now-defunct Enhanced Mitigation Experience Toolkit, to diminish threats to the OS or to specific applications.