Microsoft continues to deliver it’s password-less promise and introduces native FIDO2-based authentication to Windows 10 & Azure AD.
“There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don’t meet the challenge for anything you really want to secure.”
This blog post is an introduction of a series of blogs to cover the game changing risk-based approach Microsoft Defender ATP offers to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
SecOps act by incident response via a centralized alert view and powerful hunting capabilities enabling ad-hoc investigations.
SecAdmins will gain the visibility, control, and guidance necessary to understand and act on the threats currently impacting their organization, as well as information on past and future threats.
In this series of blogs I will focus exclusively on the responsibility of a SecAdmin and all aspects that Microsoft Defender ATP has to offer in regards. Therefore we kick off this serie starting with Configuration Management and Threat & Vulnerability Management.
In 2004, long before we went online massively concepts like phishing or ransomware were on the rise, Bill Gates, predicted at the RSA Conference that year the demise of passwords saying “they just don’t meet the challenge for anything you really want to secure.”
For years, we’ve been discussing the vulnerabilities of passwords (80 percent of security breaches are down to stolen passwords & credentials) and the need to ditch them for more robust & secure solutions. Many initiatives have been launched like Microsoft’s CardSpace, the Higgins project, the Liberty Alliance, NSTIC, the FIDO Alliance and various Identity 2.0 proposals. All with the explicit goal of eliminating passwords.
Alongside the announcement of down-level support for Windows 7 and Windows 8.1, there is more exciting news in regards to Windows Defender ATP. Since today Windows Defender ATP Security Analytics is extended with two new security controls; BitLocker and Firewall.
In this blog post I’ll explain how to configure and enable Windows Hello Multifactor Device Unlock using Microsoft Intune. Windows Hello Multifactor Device Unlock provides multifactor device authentication for login or unlocking Windows 10 devices.
In my previous blog I highlighted the Security Analytics Dashboard of the Windows Defender Advanced Threat Protection and how to improve your organizations security excellence covering two improvement area’s: Windows Defender Antivirus and Windows Defender Application Guard.
Last week Microsoft announced the public preview of Windows Defender ATP Windows 10 Fall Creator update. I’m quite excited – we’ll should – of the new capabilities which allows you to better protect your endpoints from threats.
I had the opportunity to work with this for a while and like to highlight my personal favorite feature – Security Analytics Dashboard. Why? It’s because this feature gives me insights of my current endpoint (Windows 10, Windows Server, Linux* & Mac OS*) security posture and what it takes to utilize the full potential.