Security expert roundtable: advanced threat protection at Microsoft (October 2017)
Security experts from Microsoft discuss phishing, malware protection, threat intelligence, and more. They share candid insights and best practices about using Advanced Threat Protection in Azure, Windows 10, and Office 365 to combat sophisticated cyberattacks from advanced adversaries and to protect company data.
These questions — and more — are discussed during this session:
- [01:30] What are the different Advanced Threat Protection (ATP) products that Microsoft offers?
- [06:10] With regards to phishing threats, what did the Security Operations Center (SOC) use prior to Office 365 ATP and what are the benefits from this?
- [10:38] Within the SOC, what—if any—SIEM (Security Information and Event Management) tools and third-party threat feeds do you use to complement your intelligence?
- [20:01] With regards to phishing—there are a lot of tools to help understand and remediate email text, but can I search for emails using URLs?
- [24:25] For a company with lots of proprietary information, how secure would ATP be if information about files on a network needs to be sent to Microsoft to be analyzed? Are copies of these files kept on Microsoft servers?
- [25:44] How is ATP different from normal virus scanning?
- [32:56] How do Microsoft ATP products compare with other third-party products?
- [40:42] Is ATP analysis available on free email accounts such as Hotmail or live.com within the context of users accessing personal email on work computers?
- [45:08] In the SOC, what was one of the most significant findings using Defender ATP?
- [46:26] How does Microsoft technology help against attack trends?
- [50:46] What is the one key take away that you would like to leave our audience with today?
Access additional technical content, discover new and exciting career opportunities in IT, and much more: