This document discusses cybersecurity threats and the Windows 10 defense stack. It summarizes that cyber threats pose a material risk to businesses, with the average cost of a data breach being $3.5 million. It then outlines the Windows 10 defense stack, which aims to protect devices from threats pre-breach and detect and respond to breaches post-breach. Key elements of the defense stack include Windows Defender, Device Guard, Windows Hello for identity protection, and Windows Defender Advanced Threat Protection.
- What is WannaCry?
- What are its Worm, Exploit, Botnet, Backdoor, Ransomware characteristics?
- WannaCry and the end of the world?
- Malware Prevention?
- Is it a big deal? Comparison with other malware
- WannaCry, a Military and Political Perspective
Technical guidance to prevent wanna cry ransomware attackAvanzo net
Ā
Along with the rise of Ransomware attacks around the world named WannaCry or WannaCrypt, a
new variant malware that is believed to be developed using NSA's exploit tools to attack computers with
Microsoft Windows operating system, ISACA ID tries to help provide preventive guidance to avoid those
malware attacks.
- What is WannaCry?
- What are its Worm, Exploit, Botnet, Backdoor, Ransomware characteristics?
- WannaCry and the end of the world?
- Malware Prevention?
- Is it a big deal? Comparison with other malware
- WannaCry, a Military and Political Perspective
Technical guidance to prevent wanna cry ransomware attackAvanzo net
Ā
Along with the rise of Ransomware attacks around the world named WannaCry or WannaCrypt, a
new variant malware that is believed to be developed using NSA's exploit tools to attack computers with
Microsoft Windows operating system, ISACA ID tries to help provide preventive guidance to avoid those
malware attacks.
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
Ā
WannaCry, Wanna Decryptor, WannaCrypt ā whatever it's referred to as, is by and large the same bitcoin-demanding beast. In this article, we explain
everything we know about the ransomware that has been raking havoc globally and how you can safeguard yourself against this threat
WannaCry Ransomware Attack: What to Do NowIBM Security
Ā
View on-demand webinar: http://bit.ly/2qoNQ8v
What you need to know and how to protect against the WannaCry Ransomware Attack, the largest coordinated cyberattack of its kind. WannaCry has already crippled critical infrastructure and multiple hospitals and telecommunications organizations, infecting 100s of thousands of endpoints in over 100 countries. In this on-demand webinar, we discuss the anatomy of this unprecedented attack and IBM Researchers share expert insights into what you can do now to protect your organization from this attack and the next one.
In a twist of irony, the global spread of WannaCry, the malware that recently attacked the NHS, was caused by spying tools leaked from the USā National Security Agency (NSA). Highly infectious, WannaCry (also known as WannaCryptor and WCry) spread to at least 150 countries within a few hours.
Defending Against the Dark Arts of LOLBINS Brent Muir
Ā
Copy of my slides from my 2020 Poland Confidence presentation...
This talk will provide an overview of the LOLBIN/LOLBAS estate, why they are a preferred attack tool over malware, and how organisations can better secure their estate against their abuse.
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
This presentation brings out few basic steps that every android phone user should configure to harden his/her device.Although the list is not completly exhaustive but it brings out basic necessities as expected from any smart user.
Introduction
What happened ?
What is Wannacry / Wannacrypt ?
How many Infections ?
What happens to the victim?
How to protect yourself ?
Will Paying the Ransom Help Us?
Conclusion
Het beveiligen van de productiviteit, samenwerking en enterprise data is van cruciaal belang op het moment dat organisaties transformeren naar een Digital Workplace. De āAnniversary Updateā van Windows 10 bevat enorm veel nieuwe functionaliteiten om deze zaken te waarborgen. In combinatie met de Enterprise Mobility + Security (EMS) oplossing van Microsoft zijn bedrijven in staat om identiteiten onder controle te houden en enterprise data te behoeden voor fouten van medewerkers. In deze deep dive sessie breng ik je op de hoogte van nieuwe functionaliteiten, zoals Enterprise Data Protection en Phone Sign-in.
Your Guide to tackle the Ransomware threat "WannaCry" | SysforeSysfore Technologies
Ā
WannaCry, Wanna Decryptor, WannaCrypt ā whatever it's referred to as, is by and large the same bitcoin-demanding beast. In this article, we explain
everything we know about the ransomware that has been raking havoc globally and how you can safeguard yourself against this threat
WannaCry Ransomware Attack: What to Do NowIBM Security
Ā
View on-demand webinar: http://bit.ly/2qoNQ8v
What you need to know and how to protect against the WannaCry Ransomware Attack, the largest coordinated cyberattack of its kind. WannaCry has already crippled critical infrastructure and multiple hospitals and telecommunications organizations, infecting 100s of thousands of endpoints in over 100 countries. In this on-demand webinar, we discuss the anatomy of this unprecedented attack and IBM Researchers share expert insights into what you can do now to protect your organization from this attack and the next one.
In a twist of irony, the global spread of WannaCry, the malware that recently attacked the NHS, was caused by spying tools leaked from the USā National Security Agency (NSA). Highly infectious, WannaCry (also known as WannaCryptor and WCry) spread to at least 150 countries within a few hours.
Defending Against the Dark Arts of LOLBINS Brent Muir
Ā
Copy of my slides from my 2020 Poland Confidence presentation...
This talk will provide an overview of the LOLBIN/LOLBAS estate, why they are a preferred attack tool over malware, and how organisations can better secure their estate against their abuse.
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
This presentation brings out few basic steps that every android phone user should configure to harden his/her device.Although the list is not completly exhaustive but it brings out basic necessities as expected from any smart user.
Introduction
What happened ?
What is Wannacry / Wannacrypt ?
How many Infections ?
What happens to the victim?
How to protect yourself ?
Will Paying the Ransom Help Us?
Conclusion
Het beveiligen van de productiviteit, samenwerking en enterprise data is van cruciaal belang op het moment dat organisaties transformeren naar een Digital Workplace. De āAnniversary Updateā van Windows 10 bevat enorm veel nieuwe functionaliteiten om deze zaken te waarborgen. In combinatie met de Enterprise Mobility + Security (EMS) oplossing van Microsoft zijn bedrijven in staat om identiteiten onder controle te houden en enterprise data te behoeden voor fouten van medewerkers. In deze deep dive sessie breng ik je op de hoogte van nieuwe functionaliteiten, zoals Enterprise Data Protection en Phone Sign-in.
As soluƧƵes da NetWitness capturam todos os dados que circulam na rede e os contextualizam, filtrando o que pode ser crĆtico ou nĆ£o. O usuario pode ver quem estĆ” indo aonde e vendo o quĆŖ.
In this presentation, we talk about the need for cyber security in organizations to protect important data and prevent attacks on the systems installed in an organization.
Computer security introduction lecture. Introduction
Network Security
Basic Components Of Computer Security
Online Security Vs Online Safety
Risks & Threats
Steps to protect information
Steps to protect computer
Ethical Impact
Case study
Statistics about Internet Crime
survey
conclusion
Network security is a set of technologies that protects the usability and integrity of a company's infrastructure by preventing a wide range of potential threats from entering or spreading within a network.
Experts Live Europe 2017 - Best Practices to secure Windows 10 with already i...Alexander Benoit
Ā
AppLocker, Windows Information Protection, Device Guard, Windows Defender Application Guard- there are many ways to secure Windows 10. Not all ways are compatible with Enterprise requirements. In the session, we will have a look at what we are able to do and I will add some experiences from the field about what works well and what doesnāt. In addition, we will check how ConfigMgr can support us.
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
Ā
As cyber attacks have matured and become more complex over the last number of years, the objective of most attacks has not changed: compromise and collect user credentials. This session will explore the changing cybersecurity landscape and how managing identity ā both in the enterprise as well as across 3rd party applications - is becoming job #1 in managing your organizationās risk.
Given at TRISC 2010, Grapevine, Texas.
http://www.trisc.org/speakers/aditya_sood/#p
The talk sheds light on the new trends of web based malware. Technology and Insecurity goes hand in hand. With the advent of new attacks and techniques the distribution of malware through web has been increased tremendously. Browser based exploits mainly Internet Explorer have given a birth to new world of malware infection. The attackers spread malware elegantly by exploiting the vulnerabilities and drive by downloads. The infection strategies opted by attackers like malware distribution through IFRAME injections and Search Engine Optimization. In order to understand the intrinsic behavior of these web based malware a typical analysis is required to understand the logic concept working behind these web based malwares. It is necessary to dissect these malwares from bottom to top in order to control the devastating behavior. The talk will cover structured methodologies and demonstrate the static, dynamic and behavioral analysis of web malware including PCAP analytics. Demonstrations will prove the fact and necessity of web malware analysis.
VisĆ£o geral sobre a soluĆ§Ć£o iDefense da VeriSign de resposta a incidentes em tempo real, remediaĆ§Ć£o de fraudes on-line, gerenciamento de riscos, conhecimentos dos impactos globais das ameaƧas, proteĆ§Ć£o proativa, entre outros benefĆcios.
VisĆ£o geral sobre a soluĆ§Ć£o iDefense da VeriSign de resposta a incidentes em tempo real, remediaĆ§Ć£o de fraudes on-line, gerenciamento de riscos, conhecimentos dos impactos globais das ameaƧas, proteĆ§Ć£o proativa, entre outros benefĆcios.
Similar to Smau Milano 2016 - Paola Presutto, Microsoft (20)
SMAU MILANO 2023 | šš¢š š¢ššš„ šš«šš¢š§š¢š§š ššØš®š«š§šš² La nuova frontiera della formazio...SMAU
Ā
SMAU MILANO 2023 | SMAU MILANO 2023 | šš¢š š¢ššš„ šš«šš¢š§š¢š§š ššØš®š«š§šš² La nuova frontiera della formazione professionale: gamification e apprendimento continuo
SMAU MILANO 2023 | SMAU MILANO 2023 | Intelligenza Artificiale e chatbotsSMAU
Ā
SMAU MILANO 2023 | SMAU MILANO 2023 | Intelligenza Artificiale e chatbots: nemici o alleati dei business game? 5 requisiti di un ābuonā business game di marketing strategico, potenzialmente integrabile proprio con strumenti di IA, come antidoto alla crescente disabitudine al problem solving e al pensiero critico, al lavoro di gruppo e all'orientamento strategico
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Ā
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overviewā
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
Ā
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Ā
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But thereās more:
In a second workflow supporting the same use case, youāll see:
Your campaign sent to target colleagues for approval
If the āApproveā button is clicked, a Jira/Zendesk ticket is created for the marketing design team
Butāif the āRejectā button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Ā
Are you looking to streamline your workflows and boost your projectsā efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, youāre in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part āEssentials of Automationā series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Hereās what youāll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
Weāll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Donāt miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Ā
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
Ā
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
Ā
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more āmechanicalā approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
Ā
As AI technology is pushing into IT I was wondering myself, as an āinfrastructure container kubernetes guyā, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefitās both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Ā
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as āpredictable inferenceā.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Ā
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Ā
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
2. Source: McKinsey, Ponemon Institute, Verizon
CYBER THREATSARE A M A T E R I A L R I S K TO YOUR BUSINESS
Impact of lost productivity
and growth
Average cost of a data breach
(15% YoY increase)
$3.0 TR ILLION $3.5 MILLION
Corporate liability coverage.
$500 MILLION
āCYBER SECURITY IS A CEO ISSUE.ā
- M C K I N S E Y
3. ATTACKS HAPPEN FAST AND ARE HARD TO STOP
If an attacker sends an email
to 100 people in your
companyā¦
ā¦23 people will open itā¦ ā¦11 people will open the
attachmentā¦
ā¦and six will do it in the
first hour.
6. ANATOMY OF AN ATTACK
Malicious Attachment Execution
Stolen Credential Use
Internet Service Compromise
Kernel-mode Malware
Kernel Exploits
Pass-the-Hash
Malicious Attachment Delivery
Browser or Doc Exploit Delivery
Phishing Attacks
ENTER
ESTABLISH
EXPAND
ENDGAME
NETWORK
DEVICE
USER
7. PASS-THE-HASH
Browser or Doc Exploit Execution
ANATOMY OF AN ATTACK
Theft of sensitive information, disruption of government.
PHISHING
NETWORK
DEVICE
USER
ENDGAME
http://natoint.com/900117-spain-forces-conclude-mission-in-central-african-republic/
8. PASS-THE-HASH
Browser or Doc Exploit Execution
ANATOMY OF AN ATTACK
Theft of sensitive information, disruption of government.
PHISHING
NETWORK
DEVICE
USER
ENDGAME
Land on exploit page
Exploit runs
Redirected to legitimate page
Total Elapsed Time: 00:00.1
9.
10. THE WINDOWS 10 DEFENSE STACK
PROTECT, DETECT & RESPOND
PRE-BREACH POST-BREACH
Windows Defender
ATP
Breach detection
investigation &
response
Device
protection
Device Health
attestation
Device Guard
Device Control
Security policies
Information
protection
Device protection /
Drive encryption
Enterprise Data
Protection
Conditional access
Threat
resistance
SmartScreen
AppLocker
Device Guard
Windows Defender
Network/Firewall
Built-in 2FA
Account lockdown
Credential Guard
Microsoft Passport
Windows Hello :)
Identity
protection
Breach detection
investigation &
response
Device
protection
Information
protection
Threat
resistance
Conditional Access
Windows Defender
ATP
Device integrity
Device control
BitLocker and
BitLocker to Go
Windows
Information
Protection
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
Windows Hello :)
Credential Guard
Identity
protection
16. VIRTUALIZATION BASED SECURITY WINDOWS 10
Kernel
Windows Platform
Services
Apps
Kernel
SystemContainer
Trustlet#1
Trustlet#2
Trustlet#3
Hypervisor
Device Hardware
Windows Operating System
Hyper-VHyper-V
17. THE WINDOWS 10 DEFENSE STACK
PROTECT, DETECT & RESPOND
PRE-BREACH POST-BREACH
Conditional Access
Windows Defender
ATP
Breach detection
investigation &
response
Device
protection
Device integrity
Device control
Information
protection
BitLocker and
BitLocker to Go
Windows
Information
Protection
Threat
resistance
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
Windows Hello :)
Credential Guard
Identity
protection
Device
protection
Device integrity
Device control
Threat
resistance
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
18. MICROSOFT EDGE: DESIGNED FOR SECURE BROWSING
Eliminate vulnerabilities before attackers can find them
Contain the damage when vulnerabilities are discovered
Break exploitation techniques used by attackers
Prevent navigation to known exploit sites
Keep our customers
safe when browsing
the web
Objective
Make it difficult and
costly for attackers to
find and exploit
vulnerabilities in
Microsoft Edge
Strategy
Tactics
ļ ļ
Microsoft Edge is the most secure browser Microsoft has ever shipped
19. WINDOWS DEFENDER APPLICATION GUARD
Hypervisor
Device Hardware
Kernel
Apps
Windows Platform
Services
Kernel
Windows Platform
Services
Microsoft Edge
Kernel
System Container
Critical System Processes
Windows Defender
Application Guard Container
Windows Operating System
Hyper-V Hyper-V
HARDWARE ISOLATION
20. WINDOWS DEFENDER
ADVANCED THREAT PROTECTION
DETECT ADVANCED ATTACKS AND REMEDIATE BREACHES
Unique threat intelligence knowledge base
Unparalleled threat optics provide detailed actor profiles
1st and 3rd party threat intelligence data.
Rich timeline for investigation
Easily understand scope of breach. Data pivoting
across endpoints. Deep file and URL analysis.
Behavior-based, cloud-powered breach detection
Actionable, correlated alerts for known and unknown adversaries.
Real-time and historical data.
Built into Windows
No additional deployment & Infrastructure. Continuously
up-to-date, lower costs.
21. THE WINDOWS 10 DEFENSE STACK
PROTECT, DETECT & RESPOND
PRE-BREACH POST-BREACH
Conditional Access
Windows Defender
ATP
Breach detection
investigation &
response
Device
protection
Device integrity
Device control
Information
protection
BitLocker and
BitLocker to Go
Windows
Information
Protection
Threat
resistance
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
Windows Hello :)
Credential Guard
Identity
protection
Windows Hello :)
Credential Guard
Identity
protection
Threat
resistance
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
24. ļ Improved security
ļ Fingerprintand facialrecognition
ļ Ease of use
ļ Impossible to forget
ļ VBS support
BIOMETRIC MODALITIES
25. THE WINDOWS 10 DEFENSE STACK
PROTECT, DETECT & RESPOND
PRE-BREACH POST-BREACH
Conditional Access
Windows Defender
ATP
Breach detection
investigation &
response
Device
protection
Device integrity
Device control
Information
protection
BitLocker and
BitLocker to Go
Windows
Information
Protection
Threat
resistance
SmartScreen
Windows Firewall
Microsoft Edge
Device Guard
Windows Defender
Windows Hello :)
Credential Guard
Identity
protection
Windows Hello :)
Credential Guard
Identity
protection
Information
protection
BitLocker and
BitLocker to Go
Windows
Information
Protection
26. Data Leakage
2HIPPA Secure Now, āA look at the cost of healthcare data breaches,ā Art Gross, March 30, 2012
Have accidentallysent sensitive
informationto the wrong person1
58%
ā¦of senior managersadmit to
regularly uploadingwork files to a
personal email or cloud account1
87%
Average per record cost of a data
breachacross all industries2
$240
PER
RECORD
1Stroz Friedberg, āOn The Pulse: Information Security In American Business,ā 2013
28. SHARING PROTECTION
Protect all file types, everywhere they
go, cloud, email, BYOD, ā¦
Support for all commonly used
devices and systems ā Windows, OSX,
iOS, Android
Support for B2B and B2B via Azure AD
Support for on premise and cloud
based scenarios (e.g.: Office 365)
Seamless easy to provision and
support for FIPS 140-2 regulation
and compliance
Rights Management Services
29. Your security depends on a platform where:
APPS MUST EARN TRUST BEFORE USE
DEVICE GUARD