https://technet.microsoft.com/windows-server-docs/security/securing-privileged-access/securing-privileged-access Good doc on solutions
Check out Windows Defender Advanced Threat Protection beta... it is not a/v. It is like forensics with a cloud console to review what bad things may have done to your workstations.
https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp

