- Windows Defender ATP is not an anti-virus in the traditional sense. Windows Defender Advanced Threat Protection is a platform for enterprises. It helps organizations with prevention, detection, investigation, and response to advanced threats.
- Windows Defender ATP is based on several technologies that are interconnected: endpoint behavioral sensors, cloud security analytics and threat intelligence.
- Threat intelligence enables Windows Defender ATP to identify attacker tools, techniques, and procedures, and generates alerts when these are observed in data collected by the sensors running on every endpoint.
- Cloud security analytics uses Big Data and machine learning techniques to help us detect more and to suggest a response to a particular attack.
Windows 2019 has built-in sensors for WD ATP, which leverages cloud and machine learning for threat intelligence, greatly increasing security and visibility of threats on your network. It also includes System Insights, a new feature that brings local predictive analytics capabilities natively to Windows Server 2019.
These predictive capabilities – each based on a machine-learning model – analyze Windows Server system data, such as performance counters and events, providing insight into the state of your environment and helping you reduce the operational expenses associated with monitoring your Windows Server instances. System Insights introduces a set of capabilities focused on capacity forecasting, predicting future usage for computing, networking, and storage, which brings your enterprise-scale management to a totally new level. Dear IT professionals, security specialists and developers – accept the challenge and join us!
Paula is also a top speaker at many well-known conferences like TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime. She was also rated as the best speaker at Microsoft Ignite 2015.
Highest Level Certifications: Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor, CQURE Academy Security Master.
Highest Level Certifications: Microsoft Certified Trainer (MCT), CQURE Academy Security Master.
Highest level certification: OCP MCSE MCDBA CISSP
With 4 or more simultaneous registrations from the same company, you get a 10% discount on the total purchase.
Discounts cannot be combined.
Keynote: Attacks of the Industry: Review of the techniques that still wonderfully work
Are there any attacks that are effective, reliable and almost always work? Of course! Attacks like Pass-the-Hash, Spoofing or SMB Relay are still among those awesome tactics that allow an attacker or penetration tester to get to a target organization.
Even when an organization manages its infrastructure well, patches are installed regularly and the network is monitored, these attacks still work perfectly, as it is really a matter of misconfiguration rather than a serious security vulnerability.
The problem is that some infrastructure mechanisms rely on the type of communication used in these attacks and use it for normal communication: single sign-on authentication, service accounts, network sharing, etc.
Join us in this opening keynote to become familiar with the biggest mistakes in infrastructure security that – from the attacker perspective – can be pretty much always exploited. This keynote will give you suggestions & ideas on how to reach the next level of security in your workspaces.
Session: Windows Security version Next - the big change has come
Mike Jankowski-Lorek
We all should remember the impact of changes in the Windows Vista kernel. Administrators and developers met the new reality and had to live with it. Did you observe anything comparable since 2006? If you think no revolution happened during the last ten years, it means you are misled by the fact that big changes are introduced gradually. If you try to look under the hood, you will see that the “new” Windows OS is so much different than anything else we had a chance to observe so far.
1. Hardware assisted security
2. Virtualization based security
3. Protected processes
4. Windows * Guards
5. Containers and new subsystems
Target audience: IT professionals, security specialists and developers who want to use new OS features to make their environment more secure.
Session: Protect, Detect and Respond - with Windows Server 2019
Attacks are constantly on the rise, so the message of the day is 'we should level up the game!' Let's do it with Windows Server 2019. Microsoft's approach to security is three-fold – Protect, Detect and Respond. Shielded VMs protect virtual machines from compromised or malicious fabric administrators. The VM can be accessed only by assigned workload admins and only when the VM state is known, healthy, and attested. Encrypted Networks allow administrators to encrypt network segments with the flip of a switch, to protect the network layer between servers. We will also discuss Windows Defender Advanced Threat Protection (ATP) as a unified platform for preventative protection, post-breach detection, automated investigation, and response.
Microsoft does a lot when it comes to building protections into Windows, like Windows Defender. The only thing left for you is to start using them!
Shielded VMs enhancements
1. Shielded VMs concepts
2. Fabric and Workload Administrator
3. Attacks on your virtualization infrastructure
4. Host Guardian Service Enhancements in Windows 2019
5. Backup and restore operations
Linux Shielded VMs
2. Eliminate virtual infrastructure administrator attack vector
3. Deploy your first Linux Shielded VM
4. Linux Shielded VM management
1. Prevent leaking secrets on the network
2. Network controller configuration to support
Windows Defender ATP
2. Deploy Windows Defender ATP in your organization
3. Investigate and remediate threats
4. SIEM Integration
5. Access WD ATP API using PowerShell
Windows Defender Exploit Guard
1. Attack Surface Reduction
2. Controlled Folder Access
3. Network protection
4. Exploit protection
5. Windows Defender ATP Exploit Guard
Target Audience: IT Specialists, Enterprise Architects, Security Specialists, Security Researchers
Session: Hybrid Environment Security - Migrating to Secure Cloud
A hybrid approach, one that combines on-premises and cloud environments working together, is the best solution for many organizations. When you expand your key infrastructure components (AD, PKI, backup) beyond your safe datacenter, new questions arise: how do you make it secure when it is in the cloud? How do you manage certificates, keys and encryption in a virtual remote environment? How do you get the most out of the new possibilities offered by the cloud? How do you easily manage both environments with a single tool?
- Hybrid Environment Scenarios
- Making Cloud Solutions Secure
- Securing Keys and Certificates In Cloud with Azure Key Vault
- Extending Active Directory beyond data centers
- Easy management of Hybrid solutions with Project Honolulu.
Session: WSL – what’s in it for me
Krystian Zieja
WSL stands for Windows Subsystem for Linux; it is a cool new feature on modern versions of Windows. It looks promising, but is it really that well organized and implemented? The idea behind WSL is not clear. Is this feature created for Linux fans who are used to Bash, grep, awk, etc.? Is this feature for Windows users for whom PowerShell is not enough, or for whom Linux tools are the only way to communicate with legacy systems? There are more use cases, e.g. development or testing of cross-platform scripts or even executables. How does this compare to grown-up virtualization like Hyper-V or VMware? Is Docker not feasible, and do we really need another kernel-level emulation?
- WSL architecture
- How can it be used to improve productivity?
- Limitations of the WSL implementation
- What threats are being transferred from Linux world to Windows?
- What threats are being transferred from Windows to Linux?
- WSL integration with Windows - file systems, networking, processes
- Empower your developers with Windows Subsystem for Linux
Closing keynote: Think and Act Like a Hacker to Protect Your Company’s Assets
The reality here is as follows: attacks happen and they will happen as long as there are humans on this planet. However, they should not happen if you protect your infrastructure properly. Is there a weakness right now in your IT security system? Wouldn't it be better to find it before an untrusted source or hacker does? Even a small-scale security breach could leave your business in poor condition. Every day, you can apply some basic behaviors to protect your company from attack. It is really surprising how often a hacker can use the same paths to enter your system! In the end, information security is not an IT department's problem, it is a business issue! Let's put you into the hacker's role and perform all the activities they would, to better understand the threats.
If you have technical questions, contact
- Jette Ravn Merkel
- +45 72202695