Presentation is loading. Please wait.

Presentation is loading. Please wait.

Analyze the anatomy of advanced attacks

Published byMareke Egger Modified over 6 years ago

Similar presentations

Presentation on theme: "Analyze the anatomy of advanced attacks"— Presentation transcript:

1 Analyze the anatomy of advanced attacks
12/5/2018 9:08 PM BRK2001 Analyze the anatomy of advanced attacks Benny Lakunishok Product Manager © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 1 Collect Analyze & Learn 2 ATA Center Detect 3 Alert & Investigate 4
12/5/2018 9:08 PM 1 Collect Port Mirroring or Sensor on DC L7 Deep Packet Inspection (DPI) Hybrid data sources 2 Analyze & Learn Self-learning and profiling technology Patented IP resolution mechanism ATA Center Detect 3 Abnormal behavior and suspicious activities Real-breach oriented research Microsoft Intelligence Alert & Investigate 4 ATA Gateway Intuitive Attack timeline Detailed investigation with dedicated entity profile PROXY VPN AD HR APPS ADFS SIEM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 12/5/2018 9:08 PM Our story begins © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 Mamazon Industry: Commerce and Cloud computing
12/5/2018 9:08 PM Mamazon Industry: Commerce and Cloud computing Publicly traded (450B $) Founded: 1994 HQ: Albuquerque, NM, USA Employee #: ~350,000 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Black Circle Industry: Business Intelligence Privately held
12/5/2018 9:08 PM Black Circle Industry: Business Intelligence Privately held Founded: 2010 HQ: Tel Aviv, Israel Employee #: ~100 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Moogle Industry: Software Publicly traded (650B $) Founded: 1999
12/5/2018 9:08 PM Moogle Industry: Software Publicly traded (650B $) Founded: 1999 HQ: Orlando, FL, USA Employee #: ~50,000 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 The Target https://www.linkedin.com/in/ruth-borat-3bab06146/
12/5/2018 9:08 PM The Target Ruth Borat Senior Vice President and CFO, Moogle © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 12/5/2018 9:08 PM Demo © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Attack story step 1 JohnD-Laptop JohnD SAMR Recon 12/5/2018 9:08 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Attack story step 2 JohnD-Laptop JohnD RuthB 12/5/2018 9:08 PM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Attack story step 3 Failure JohnD-Laptop Success RuthB EdnaF
12/5/2018 9:08 PM Attack story step 3 Failure JohnD-Laptop Success EdnaF RuthB © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 12/5/2018 9:08 PM Preview To get access to the preview please contact © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 Attack story step 4 EdnaF EdnaF-PC Helpdesk RuthB-Laptop
12/5/2018 9:08 PM Attack story step 4 EdnaF EdnaF-PC Helpdesk RuthB-Laptop © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Attack story step 5 EdnaF-PC HelpDesk AXFR Query
12/5/2018 9:08 PM Attack story step 5 EdnaF-PC HelpDesk AXFR Query TopSecretFinanceServer © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Attack story step 6 RuthB-Laptop Helpdesk EdnaF-PC
12/5/2018 9:08 PM Attack story step 6 Helpdesk RuthB-Laptop EdnaF-PC TopSecretFinanceServer RuthB © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Takeaways Attackers life is easy ATA makes the defenders life easier
12/5/2018 9:08 PM Takeaways Attackers life is easy ATA makes the defenders life easier Proactive defense Azure ATP limited preview: © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 Q&A If you have questions please proceed to the Q&A MICROPHONE.
12/5/2018 9:08 PM Q&A If you have questions please proceed to the Q&A MICROPHONE. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Analyze the anatomy of advanced attacks"

Similar presentations

Natural Language Querying Using Q&A. Data & Analytics Self-service BI with the familiarity of Office and the power of the cloud.

Natural Language Querying Using Q&A. Data & Analytics Self-service BI with the familiarity of Office and the power of the cloud.
04 | Business Analyzer Brian Meier| Senior Lead Program Manager.

04 | Business Analyzer Brian Meier| Senior Lead Program Manager.
Deployment Planning Services

Deployment Planning Services
Deliver business insights with Microsoft Dynamics AX and Power BI

Deliver business insights with Microsoft Dynamics AX and Power BI
Now, let’s implement/trial Windows Defender Advanced Threat Protection

Now, let’s implement/trial Windows Defender Advanced Threat Protection
Examine information management in Cortana Intelligence

Examine information management in Cortana Intelligence
Deploy and get started with Microsoft Advanced Threat Analytics

Deploy and get started with Microsoft Advanced Threat Analytics
“Introduction to Azure Security Center”

“Introduction to Azure Security Center”
How Microsoft uses Windows Defender ATP–Welcome to a SecOps world!

How Microsoft uses Windows Defender ATP–Welcome to a SecOps world!
Journey to Microsoft Secure Cloud

Journey to Microsoft Secure Cloud
Simplifying Hybrid Cloud Protection with Azure Security Center

Simplifying Hybrid Cloud Protection with Azure Security Center
BRK3288-Discover data-driven apps that learn and adapt

BRK3288-Discover data-driven apps that learn and adapt
Configure and Manage Your Hybrid Cloud Environment at Scale

Configure and Manage Your Hybrid Cloud Environment at Scale
Conduct a successful pilot deployment of Microsoft Intune

Conduct a successful pilot deployment of Microsoft Intune
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Microsoft Ignite 2016 9/11/2018 1:18 AM BRK4017

Microsoft Ignite /11/2018 1:18 AM BRK4017
Microsoft 2016 6/17/2018 4:24 AM BRK4012 Dive deep on Skype Web SDK & Skype for Business App SDK - Build apps across Web, IOS & Android Srividhya Chandrasekaran Amit.

Microsoft /17/2018 4:24 AM BRK4012 Dive deep on Skype Web SDK & Skype for Business App SDK - Build apps across Web, IOS & Android Srividhya Chandrasekaran Amit.
Web development productivity with Visual Studio

Web development productivity with Visual Studio
Microsoft Power BI Transforming your data into actionable insight

Microsoft Power BI Transforming your data into actionable insight
Plan and deploy Microsoft Advanced Threat Analytics the right way

Plan and deploy Microsoft Advanced Threat Analytics the right way

Similar presentations

Ads by Google