Protect, Detect and Respond – with Windows Server 2019 Part 2 « Secure Tour

Attacks are constantly on the rise, so the message of the day is: we should level up the game! Let's do it with Windows Server 2019. Microsoft's approach to security is three-fold: Protect, Detect and Respond. Shielded VMs protect virtual machines from compromised or malicious fabric administrators. The VM can be accessed only by assigned workload admins and only when the VM state is known, healthy, and attested. Encrypted Networks allow administrators to encrypt network segments with the flip of a switch, protecting the network layer between servers. We will also discuss Windows Defender Advanced Threat Protection (ATP) as a unified platform for preventative protection, post-breach detection, automated investigation, and response.

Microsoft does a lot when it comes to building protections into Windows, like Windows Defender. The only thing left for you is to start using them!

Part II

Windows Defender ATP
1. Architecture
2. Deploy Windows Defender ATP in your organization
3. Investigate and remediate threats
4. SIEM Integration
5. Access WD ATP API using PowerShell

Windows Defender Exploit Guard
1. Attack surface reduction
2. Controlled folder access
3. Network protection
4. Exploit protection
5. Windows Defender ATP Exploit Guard

Target Audience: IT Specialists, Enterprise Architects, Security Specialists, Security Researchers