Presentation is loading. Please wait.

Presentation is loading. Please wait.

9/12/2018 7:18 AM THR1081 Don’t be the first victim of new malware Turn Windows Defender AV Cloud Protection on! Amitai Rottem @AmitaiTechie Senior Program.

Published byOliver Harper Modified over 5 years ago

Similar presentations

Presentation on theme: "9/12/2018 7:18 AM THR1081 Don’t be the first victim of new malware Turn Windows Defender AV Cloud Protection on! Amitai Rottem @AmitaiTechie Senior Program."— Presentation transcript:

1 9/12/2018 7:18 AM THR1081 Don’t be the first victim of new malware Turn Windows Defender AV Cloud Protection on! Amitai Senior Program Manager, Windows Active Defense © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 The story about Bob

3 9/12/2018 7:18 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 9/12/2018 7:18 AM :53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 9/12/2018 7:18 AM :53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 9/12/2018 7:18 AM :53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 9/12/2018 7:18 AM :53:00pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 Now technical

9 9/12/2018 7:18 AM :53:21pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 9/12/2018 7:18 AM :53:21pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Something is detected 2017-04-20 10:53:21pm 9/12/2018 7:18 AM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Service receives query
9/12/2018 7:18 AM :53:21pm Service receives query © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 File is deemed suspicious, sample requested
:53:21pm File is deemed suspicious, sample requested © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Sample finishes uploading
:53:23pm Sample finishes uploading © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

15 Determined as malware, signature sent back 2017-04-20 10:53:28pm
9/12/2018 7:18 AM :53:28pm Determined as malware, signature sent back © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 9/12/2018 7:18 AM :53:28pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 9/12/2018 7:18 AM Only 8 seconds after clicking, Windows Defender AV blocked a new strain of ransomware variant that wasn’t ever seen before :53:29pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 9/12/2018 7:18 AM Only 8 seconds after clicking, Windows Defender AV blocked a new strain of ransomware variant that wasn’t ever seen before :53:29pm © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 Windows Defender AV’s unique optics
Microsoft 2016 9/12/2018 7:18 AM Windows Defender AV’s unique optics 1.2 billion Devices/monthly 200 billion s/monthly 3 billion Cloud queries/daily 2 million New file samples/daily 80 billion Metadata of files 2.5 trillion URLs index © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Demo time! From Windows 10 version 1607 to 1703 to 1709
9/12/2018 7:18 AM Demo time! From Windows 10 version 1607 to 1703 to 1709 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21

22 Related content Breakout Sessions Theater Sessions Labs
Tech Ready 15 9/12/2018 Related content Breakout Sessions Next-Gen AV: Windows Defender Antivirus unleashed—Tuesday 11:30am (BRK3063) Windows Defender Exploit Guard: Reducing the Attack Surface while balancing productivity and security—Wednesday 2:15pm (BRK2084) Ransomware: Don't pay the ransom—Thursday 11:30am (BRK3065) Theater Sessions Windows Defender Exploit Guard: Reducing the Attack Surface while balancing productivity and security—Monday 6:05pm (THR2257) Deploying Windows Defender AV and more with Configuration Manager—Wednesday 10:50am (THR2218) Labs WAD-ILL304: Windows Defender Antivirus—configure and deploy policies and check out reports— Thursday 3:30pm © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 9/12/2018 7:18 AM Resources Whitepaper: Evolution of malware protection Demo website: AV Documentation: EG Documentation: Security Intelligence: Evaluation Guide + Script: © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Please evaluate this session
Tech Ready 15 9/12/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 9/12/2018 7:18 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "9/12/2018 7:18 AM THR1081 Don’t be the first victim of new malware Turn Windows Defender AV Cloud Protection on! Amitai Rottem @AmitaiTechie Senior Program."

Similar presentations

MIX 09 4/15/2017 11:14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

MIX 09 4/15/ :14 PM © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.
Session 1.

Session 1.
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or.
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

customer.

customer.
demo © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.

demo © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names.
demo Demo.

demo Demo.
demo QueryForeign KeyInstance /sm:body()/x:Order/x:Delivery/y:TrackingId1Z01234567893.

demo QueryForeign KeyInstance /sm:body()/x:Order/x:Delivery/y:TrackingId1Z
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks.
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or.

Microsoft Teams Behind the Scenes – Q&A

Microsoft Teams Behind the Scenes – Q&A
6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee Welly.Lee@microsoft.com.

6/5/2018 1:30 PM THR1029 Spend less time managing data and more time with customers: Quick tour of Outlook Customer Manager Welly Lee
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Azure Cloud Shell Magic of Modern Command-line Management

Azure Cloud Shell Magic of Modern Command-line Management
6/19/2018 2:57 AM THR3092 Monitor and investigate actions on your user and data with alerts, insights and reports Binyan Chen Program Manager II, Office.

6/19/2018 2:57 AM THR3092 Monitor and investigate actions on your user and data with alerts, insights and reports Binyan Chen Program Manager II, Office.
Optimizing Microsoft OneDrive for the enterprise

Optimizing Microsoft OneDrive for the enterprise
What a Real, Functioning DevOps Team Looks Like

What a Real, Functioning DevOps Team Looks Like
SQL Server on Linux on All-Flash Arrays

SQL Server on Linux on All-Flash Arrays

Similar presentations

Ads by Google