Select Page
Credential Guard lab companion

Credential Guard lab companion

First published on TECHNET on May 15, 2017 If you have heard about Credential Guard in Windows Server 2016 (and in Windows 10), but do not have an environment to try it out, here is a lab environment we built ... continue reading

Rest easy with regulatory compliance in Windows Server 2016

First published on TECHNET on Apr 24, 2017 [This blog post was originally published at: https://blogs.technet.microsoft.com/hybridcloud/2017/04/11/rest-easy-with-regulatory-compliance-in-windows-server-2016/] Last month we learned that Windows Server 2016 has achieved Common Criteria certification for the General Purpose OS protection profile. This international standard is ... continue reading
App-V Sync not working if Device Guard is enabled

App-V Sync not working if Device Guard is enabled

First published on MSDN on Sep 11, 2018Hi there,In September 2017 Rollup there where some changes to Device Guard which increase teh Overall security of your System. As a result the way how our SyncAppVPublishingServer.exe does it work no longer ... continue reading
Screenshot of obfuscated script

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which ... continue reading
Desired State Configuration (DSC) Planning Update – September 2018

Desired State Configuration (DSC) Planning Update – September 2018

2018 has been the most active year ever for the DSC community. The DSC team is taking on major new areas of work in Azure, and we have made significant progress in development of the new DSC platform. In this ... continue reading

PowerShell Constrained Language Mode

PowerShell Constrained Language Mode What is PowerShell Constrained Language? PowerShell Constrained Language is a language mode of PowerShell designed to support day-to-day administrative tasks, yet restrict access to sensitive language elements that can be used to invoke arbitrary Windows APIs ... continue reading

Defending Against PowerShell Attacks

The security industry is ablaze with news about how PowerShell is being used by both commodity malware and attackers alike. Surely there’s got to be a way to defend yourself against these attacks! There absolutely is. PowerShell is – by ... continue reading
Introducing Windows Defender Application Control

Introducing Windows Defender Application Control

Application control is a crucial line of defense for protecting enterprises given today’s threat landscape, and it has an inherent advantage over traditional antivirus solutions. Specifically, application control flips the model from one where all applications are assumed trustworthy by ... continue reading
Hardening the system and maintaining integrity with Windows Defender System Guard

Hardening the system and maintaining integrity with Windows Defender System Guard

One of the things we spend a great deal of time thinking about here at Microsoft is how attackers will attempt to persist and evade detection once they’ve successfully compromised a device. With Windows 10 we’ve made it more difficult ... continue reading
Stopping ransomware where it counts: Protecting your data with Controlled folder access

Stopping ransomware where it counts: Protecting your data with Controlled folder access

Windows Defender Exploit Guard is a new set of host intrusion prevention capabilities included with Windows 10 Fall Creators Update. One of its features, Controlled folder access, stops ransomware in its tracks by preventing unauthorized access to your important files ... continue reading
Loading...