Cloud-delivered protection demonstration
Applies to:
- Microsoft Defender for Business
- Microsoft Defender for Endpoint Plan 1 and 2
- Microsoft Defender Antivirus
- Microsoft Defender for Individuals
Cloud-delivered protection for Microsoft Defender Antivirus, also referred to as Microsoft Advanced Protection Service (MAPS), provides you with strong, fast protection in addition to our standard real-time protection.
Scenario requirements and setup
- Windows 11, Windows 10, Windows 8.1, and Windows 7 SP1
- Microsoft Defender Real-time protection is enabled
- Cloud-delivered protection is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies. For more information, see Enable cloud-delivered protection in Microsoft Defender Antivirus.
- You can also download and use the PowerShell script to enable this setting and others on Windows 10 and Windows 11.
Scenario
Download and extract the zipped folder that contains the test file. The password is infected.
Important
The test file isn't malicious, it's just a harmless file simulating a virus.
If you see file blocked by Microsoft Defender SmartScreen, select on "View downloads" button.
In Downloads menu right select on the blocked file and select on Download unsafe file.
You should see that "Microsoft Defender Antivirus" found a virus and deleted it.
Note
In some cases, you might also see Threat Found notification from Microsoft Defender Security Center.
If the file executes, or if you see that it was blocked by Microsoft Defender SmartScreen, cloud-delivered protection isn't working. For more information, see Configure and validate network connections for Microsoft Defender Antivirus.
See also
Utilize Microsoft cloud-delivered protection in Microsoft Defender Antivirus
Microsoft Defender for Endpoint - demonstration scenarios
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.