Windows Defender ATP team

Recommendations for deploying the latest Attack surface reduction rules for maximum impact

The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the most recent release of Windows and cover suggested deployment methods and best practices. Software applications […]

Recommendations for deploying the latest Attack surface reduction rules for maximum impact Continue Reading

Windows Defender ATP has protections for USB and removable devices

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself

Windows Defender ATP has protections for USB and removable devices Continue Reading

Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and verticals, the attack chain, and the toolsets used, we believe the threat actor that the industry refers to

Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks Continue Reading