12/1/2018 10:04 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.


1 12/1/2018 10:04 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Threat Protection with Microsoft Advanced Threat Protection
BRK2086

3 Session objectives
Meet Azure Advanced Threat Protection (=Azure ATP)
See a bunch of demos
Enjoy!

4 IT is changing
Identity, Devices, Apps, Data, On-premises

5 “Hybrid” is changing the security perimeter
OPPORTUNITY On-premises

6 The Microsoft Security Model
Combined Microsoft Stack: Maximize detection coverage throughout the attack stages
Office 365 ATP Windows ATP ATA End Point User

7 The Microsoft Security Model
Combined Microsoft Stack: Maximize detection coverage throughout the attack stages
Office 365 ATP Windows ATP ATA End Point User
User receives an, Opens an attachment, Clicks on a URL
Exploitation
Office 365 ATP protection
User browses to a website, User runs a program

8 The Microsoft Security Model
Combined Microsoft Stack: Maximize detection coverage throughout the attack stages
Office 365 ATP Windows ATP ATA End Point User
User receives an, Opens an attachment, Clicks on a URL
Exploitation, Installation, C&C channel
Office 365 ATP Windows Defender ATP protection End Point protection
User browses to a website, User runs a program

9 The Microsoft Security Model
Combined Microsoft Stack: Maximize detection coverage throughout the attack stages
Office 365 ATP Windows ATP ATA End Point User
User receives an, Opens an attachment, Clicks on a URL
Exploitation, Installation, C&C channel, Reconnaissance, Lateral Movement, Domain Dominance
Brute force an account
Office 365 ATP Windows Defender ATP protection End Point protection
User browses to a website, User runs a program

10 The Microsoft Security Model
Combined Microsoft Stack: Maximize detection coverage throughout the attack stages
Office 365 ATP Windows ATP ATA End Point User
User receives an, Opens an attachment, Clicks on a URL
Exploitation, Installation, C&C channel, Reconnaissance, Lateral Movement, Domain Dominance
Brute force an account
Office 365 ATP Windows Defender ATP protection End Point protection Azure ATP Identity protection
User browses to a website, User runs a program

11 Introducing Azure ATP
Detect advanced attacks in your on-premises, cloud and hybrid environments

12 Collect, Analyze & Learn, Detect, Alert & Investigate
1. Collect
   Port Mirroring or Sensor on DC
   L7 Deep Packet Inspection (DPI)
   Hybrid data sources
2. Analyze & Learn
   Self-learning and profiling technology
   Patented IP resolution mechanism
   Unlimited scale powered by Azure
3. Detect
   Abnormal behavior and suspicious activities
   Real-breach oriented research
   Microsoft Intelligence
4. Alert & Investigate
   Intuitive attack timeline
   Quick triaging of alerts
   Investigate via the dedicated Profile Page or Windows Defender ATP
Diagram labels: Azure ATP, SENSOR, PROXY, VPN, AD, HR, APPS, ADFS, SIEM

13 Demo #1
Azure ATP Deployment and Configuration

14 Demo #1 recap
Create Workspace
Connect to Active Directory
Install first Sensor
Setup notifications
Schedule a summary report
Configure Honeytoken user
Tag Sensitive users and groups
Windows Defender ATP integration
Other recommended steps? Yes! SIEM and VPN data integration.

15 The new Sensor
Gateway  Sensor
New parsing platform
Performance improvement x10
CPU
Memory

16 Demo #2
Attack Simulations and Azure ATP Detections

17 Demo #2 recap
Realtime Detections
   “Password Spray” Brute Force
   Abnormal Sensitive group modifications
Investigating with Windows Defender ATP
Reports
   Sensitive group modifications

18 Azure ATP
Detect advanced attacks in your on-premises, cloud and hybrid environments

19 Announcing the Limited Preview!
Easy to deploy and get running
Minimal impact - new Sensor & Azure service
Start using Windows Defender ATP integration immediately
Looking for your feedback!

20 Q&A

21 Thank You!
