← Index

Core Defenses & Cloud Config

The Standard Antivirus module manages the primary Windows Defender engine parameters. These settings control local file scanning behavior and cloud service communication.

01 // Real-time Protection

Real-time Threat Protection

Primary scanning engine. Monitors file system operations, process creation, and memory allocation in real-time.

This control must remain Enabled. Deactivation disables the background scanning engine.

02 // Cloud Intelligence

Cloud Aggressiveness Level

Defines the heuristic sensitivity for blocking files based on cloud-delivered signatures.

High Plus

Default Standard Microsoft-recommended blocking level.
High Aggressive blocking of suspicious files based on partial heuristic matches.
High Plus Advanced machine learning models; higher probability of blocking unknown binaries.
Zero Tolerance Blocks all unknown executables immediately.

03 // MAPS Reporting

Cloud-Delivered Protection

Configures the telemetry level sent to Microsoft Advanced Protection Service.

Advanced Membership

Advanced Membership is required to enable "Block at First Sight" functionality, permitting the engine to query the cloud for analysis of files without local signatures.