Deep analysis feature in Microsoft Defender ATP thumbnail

Deep analysis feature in Microsoft Defender ATP

The Deep analysis feature executes a file in a secure, fully instrumented cloud environment. Deep analysis results show the file’s activities, observed behaviors, and associated artifacts, such as dropped files, registry modifications, and communication with IPs. Deep analysis currently supports extensive analysis of portable executable (PE) files (including .exe and .dll files). The Deep analysis…