I would like to say thank you to everybody who attended the Microsoft Tech Summit 2018, Stockholm. It was an awesome setup and a great event with lots of great sessions.
It is always a pleasure and an honor to get the opportunity to speak at a Microsoft event. So, thank you for attending and for making speaking at the event a great experience! The session and slide deck were originally presented at Microsoft Ignite 2017.
Throughout the presentation updated information and links was used. Unfortunately, I am not allowed to share the slide deck, however as promised during the session, please find notes and links below.
Microsoft Tech Summit 2018, Amsterdam , April 17 - April 18, 2018
Session name: What’s new in Windows 10 security? Raising the bar of security once again with the Fall Creators Update!
Session Code: BRK2037
Session room: E102
- Get you Proof of Concept (PoC) started, enable Audit Mode for all solutions to start collecting insights
- Utilize a suitable solution for collecting Audit events from local event-logs e.g. using Windows Event Forwarding (WEF): https://blogs.technet.microsoft.com/jepayne/2015/11/23/onitoring-whatmatters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/
- STOP using Domain Admins accounts!
- Ensure to have local accounts protected, e.g. Administrator account by enabling random password solution, e.g. using Microsoft Local Administrator Solution (LAPS)
- Be prepared to respond to business complaints and be ready to remediate issues (have a “backup” plan)
- Start logging activity from your devices, see Security baseline for Windows 10 v1803 “Redstone 4” - DRAFT: https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows10-v1803-redstone-4-draft/
- Implement Security baseline for Office 2016 and Office 365 ProPlus apps - FINAL: https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-andoffice-365-proplus-apps-final/
- Visit Windows Active Defense web site to start your test: https://demo.wd.microsoft.com/