9/12/2018 7:18 AM THR1081 Don’t be the first victim of new malware Turn Windows Defender AV Cloud Protection on! Amitai Rottem @AmitaiTechie Senior Program Manager, Windows Active Defense © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
The story about Bob
9/12/2018 7:18 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-19 10:53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-19 10:53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-19 10:53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-19 10:53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Now technical
9/12/2018 7:18 AM 2017-04-20 10:53:21pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-20 10:53:21pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Something is detected 2017-04-20 10:53:21pm 9/12/2018 7:18 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Service receives query 9/12/2018 7:18 AM 2017-04-20 10:53:21pm Service receives query © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
File is deemed suspicious, sample requested 2017-04-20 10:53:21pm File is deemed suspicious, sample requested © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Sample finishes uploading 2017-04-20 10:53:23pm Sample finishes uploading © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Determined as malware, signature sent back 2017-04-20 10:53:28pm 9/12/2018 7:18 AM 2017-04-20 10:53:28pm Determined as malware, signature sent back © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM 2017-04-20 10:53:28pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM Only 8 seconds after clicking, Windows Defender AV blocked a new strain of ransomware variant that wasn’t ever seen before 2017-04-20 10:53:29pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM Only 8 seconds after clicking, Windows Defender AV blocked a new strain of ransomware variant that wasn’t ever seen before 2017-04-20 03:53:29pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Windows Defender AV’s unique optics Microsoft 2016 9/12/2018 7:18 AM Windows Defender AV’s unique optics 1.2 billion Devices/monthly 200 billion Emails/monthly 3 billion Cloud queries/daily 2 million New file samples/daily 80 billion Metadata of files 2.5 trillion URLs index © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Demo time! From Windows 10 version 1607 to 1703 to 1709 9/12/2018 7:18 AM Demo time! From Windows 10 version 1607 to 1703 to 1709 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Related content Breakout Sessions Theater Sessions Labs Tech Ready 15 9/12/2018 Related content Breakout Sessions Next-Gen AV: Windows Defender Antivirus unleashed—Tuesday 11:30am (BRK3063) Windows Defender Exploit Guard: Reducing the Attack Surface while balancing productivity and security—Wednesday 2:15pm (BRK2084) Ransomware: Don't pay the ransom—Thursday 11:30am (BRK3065) Theater Sessions Windows Defender Exploit Guard: Reducing the Attack Surface while balancing productivity and security—Monday 6:05pm (THR2257) Deploying Windows Defender AV and more with Configuration Manager—Wednesday 10:50am (THR2218) Labs WAD-ILL304: Windows Defender Antivirus—configure and deploy policies and check out reports— Thursday 3:30pm © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM Resources Whitepaper: Evolution of malware protection https://aka.ms/xbfqn3 Demo website: https://demo.wd.microsoft.com AV Documentation: https://aka.ms/wdavdocs EG Documentation: https://aka.ms/wdeg Security Intelligence: https://microsoft.com/av Evaluation Guide + Script: https://aka.ms/evaluatewdav © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Please evaluate this session Tech Ready 15 9/12/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite https://myignite.microsoft.com/evaluations Phone: download and use the Microsoft Ignite mobile app https://aka.ms/ignite.mobileapp Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
9/12/2018 7:18 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.