MDATP & Chocolatey - we Belgians love our Chocolate(y')s


  1. We Belgians love our chocolate(y’)s MDATP & CHOCOLATEY
  2. Tim Hermie • Modern Workplace Architect @Synergics • Technical Trainer | MCT • Blog: https://www.cloud-boy.be • Twitter: @_Cloud_boy
  3. Jasper Bernaers • Modern Workplace Lead @Synergics • Microsoft Security enthusiast • Blog: blog.bernaers.be • Twitter: @Jasper_be
  4. Agenda • What is MDATP? • Why MDATP? • Why Chocolatey? • What is Chocolatey? • How do we deploy Chocolatey? • Key takeaways • MDATP + Chocolatey = <3
  5. WHAT?
  6. What is MDATP? • Microsoft Defender Advanced Threat Protection • Endpoint security management, cross platform • Optimized for simplicity - ease of use - while providing flexibility • Security management is extensible through the rich API set • Both on-prem and cloud connected devices
  7. Modern Web Protection Any Device Anywhere Intelligent MDATP is enabling customers to identify and secure the connected devices in their enterprise, no matter where users take their devices or how they connect to the internet.
  8. DEMO MDATP devices overview. Threat & Vulnerability Management dashboard overview
  9. WHY?
  10. Software inventory Security recommendations Web threat protection Cloud App Security Microsoft Defender ATP – Quick Wins
  11. • Responsible for security monitoring and reducing risk • Analyze threats, security incidents and identify mitigations • Priority is on quick remediation on impacted devices/users Sec Ops IT Team
  12. + Sec Ops IT Team SecAdmin
  13. Security defined; IT implemented
  14. DEMO MDATP Threat and Vulnerability remediation via Microsoft Endpoint Manager Create security tasks
  15. WHY?
  16. Why implement Chocolatey? • Different installer formats • Zips and other archive formats • Software installers are messy • How are we handling 3rd party software updates? • Software management is like the Wild West
  17. Software management may account for 50 – 90 % of your automation!
  18. WHAT?
  19. But what is Chocolatey? • Universal approach • The power of PowerShell! • Fancy zip files = “packages” • Auto updating framework that is customizable • The story of modern automation for Windows
  20. Community based! • Community package repository • https://www.chocolatey.org/packages • Community feed • Community maintained • Everything goes through VirusTotal
  21. HOW?
  22. PowerShell • Easy to deploy • Deploy Chocolatey agent • Deploy Auto Upgrade • Deploy applications • Can be done all together in 1 PowerShell script • Can be done in multiple PowerShell scripts • Not much control!
  23. Win32App • Easy to deploy • System requirements • Device restart behavior • Detection rules • Dependencies • Device install status • Only need to wrap one IntuneWin file for all your Apps • powershell -ex bypass -file ChocoInstall.ps1 -package wireshark
  24. DEMO Accept security task and resolve it with: - Deploying packages with Microsoft Endpoint Manager = Intune - Automatically update 3rd party apps
  25. KEY TAKEAWAYS
  26. Key takeaways up till now • Implement MDATP (if your budget allows it) • Use MDATP to check device vulnerabilities • Integrate Chocolatey for standard apps • Deploy Chocolatey apps as W32 apps • Make ur apps auto-updating with Chocolatey • Make use of the security tasks feature in MEM Intune
  27. MDATP + CHOCOLATEY = <3
  28. DEMO Software vulnerabilities on machine with Chocolatey apps Resolve security task
  29. MDATP + Chocolatey = <3 • Auto updating apps = lower security risk • Auto updating apps = lower exposure score in MDATP • Auto updating apps = watching more Netflix
  30. Q&A
  31. Thanks to our sponsors!
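
The Win32App slide calls `ChocoInstall.ps1 -package wireshark` but the deck does not show the script. The following is an added example of such a wrapper, not the presenters' own code: it validates the package id, bootstraps the Chocolatey agent if missing, and passes restart exit codes back to Intune. The `-Source` parameter, its default feed URL and the log path are assumptions.

```powershell
# ChocoInstall.ps1 - hypothetical wrapper for the one-IntuneWin-for-all-apps pattern
[CmdletBinding()]
param(
    [Parameter(Mandatory)]
    # Accept a bare package id only, so the value cannot smuggle extra choco arguments
    [ValidatePattern('^[A-Za-z0-9][A-Za-z0-9._-]{0,99}$')]
    [string]$Package,

    # Assumption: community feed; replace with an internal feed if you host one
    [string]$Source = 'https://community.chocolatey.org/api/v2/'
)

$ErrorActionPreference = 'Stop'
$choco = Join-Path $env:ProgramData 'chocolatey\bin\choco.exe'
$log   = Join-Path $env:ProgramData 'ChocoInstall\install.log'   # constructed path
New-Item -ItemType Directory -Path (Split-Path $log) -Force | Out-Null

function Write-Log([string]$Message) {
    "{0:u} {1}" -f (Get-Date), $Message | Add-Content -Path $log
}

# Deploy the Chocolatey agent when it is not present yet
if (-not (Test-Path $choco)) {
    Write-Log 'Chocolatey not found, bootstrapping'
    [Net.ServicePointManager]::SecurityProtocol =
        [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
    $installer = Join-Path $env:TEMP 'choco-install.ps1'
    Invoke-WebRequest -Uri 'https://community.chocolatey.org/install.ps1' `
        -OutFile $installer -UseBasicParsing
    # Refuse to run the bootstrap script unless its Authenticode signature verifies
    $sig = Get-AuthenticodeSignature -FilePath $installer
    if ($sig.Status -ne 'Valid') { Write-Log "Installer signature: $($sig.Status)"; exit 1 }
    & $installer
}

# 'upgrade' installs the package when absent and updates it when present
& $choco upgrade $Package --yes --no-progress --limit-output --source $Source
$code = $LASTEXITCODE
Write-Log "choco upgrade $Package exited with $code"

# 0 = success; 1641 / 3010 = success with restart initiated / required.
# Passing these through lets the Win32 app's restart behavior setting act on them.
if ($code -in 0, 1641, 3010) { exit $code }
exit 1
```

The log file gives a local record of each run to check against the device install status reported in Intune.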
