Microsoft Tech Summit 2018, Amsterdam

SERIES February 27, 2018 22:48 by Jesper Nielsen • 2 minutes to read

I would like to say thank you to everybody who attended the Microsoft Tech Summit 2018, Stockholm. It was an awesome setup and a great event with lots of great sessions.

It is always a pleasure and an honor to get the opportunity to speak at a Microsoft event. So, thank you for attending and for making speaking at the event a great experience! The session and slide deck were originally presented at Microsoft Ignite 2017.

Throughout the presentation updated information and links was used. Unfortunately, I am not allowed to share the slide deck, however as promised during the session, please find notes and links below.

Microsoft Tech Summit 2018, Amsterdam , April 17 - April 18, 2018

Session name: What’s new in Windows 10 security? Raising the bar of security once again with the Fall Creators Update!

Session Code: BRK2037

Session room: E102

Session link: What-s-new-inWindows-10-security-Raising-the-bar-of-security

Notes from the field

  1. Get you Proof of Concept (PoC) started, enable Audit Mode for all solutions to start collecting insights
  2. Utilize a suitable solution for collecting Audit events from local event-logs e.g. using Windows Event Forwarding (WEF): https://blogs.technet.microsoft.com/jepayne/2015/11/23/onitoring-whatmatters-windows-event-forwarding-for-everyone-even-if-you-already-have-a-siem/
  3. STOP using Domain Admins accounts!
  4. Ensure to have local accounts protected, e.g. Administrator account by enabling random password solution, e.g. using Microsoft Local Administrator Solution (LAPS)
  5. Be prepared to respond to business complaints and be ready to remediate issues (have a “backup” plan)
  6. Start logging activity from your devices, see Security baseline for Windows 10 v1803 “Redstone 4” - DRAFT: https://blogs.technet.microsoft.com/secguide/2018/03/27/security-baseline-for-windows10-v1803-redstone-4-draft/
  7. Implement Security baseline for Office 2016 and Office 365 ProPlus apps - FINAL: https://blogs.technet.microsoft.com/secguide/2018/02/13/security-baseline-for-office-2016-andoffice-365-proplus-apps-final/
  8. Visit Windows Active Defense web site to start your test: https://demo.wd.microsoft.com/

References

Hardening the system and maintaining integrity with Windows Defender System Guard

Windows Defender Application Guard overview

Testing scenarios using Windows Defender Application Guard in your business or organization

Windows Defender Application Control

Windows Defender Exploit Guard

Reduce attack surfaces with Windows Defender Exploit Guard

Troubleshoot Attack surface reduction rules

Windows Defender Exploit Guard requirements

What is new in Microsoft Intune Week of March 12, 2018 - New Windows Defender Exploit Guard settings

Protect important folders with Controlled folder access

Windows Defender Advanced Threat Protection - Intelligence-driven protection, detection, and response

Big news in our drive to eliminate passwords: FIDO2 / WebAuthn Reaches Candidate Recommendation status!

Enable Microsoft Windows Hello for Business in your organization

Enable Windows 10 Multifactor Authentication with Windows Hello Multifactor Device Unlock & Microsoft Intune

-Jesper

This post is part of the Microsoft Tech Summit 2018 series.
Other posts in the series:

November 14, 2018 by Jesper Nielsen • 1 minut to read

April 19, 2018 by Jesper Nielsen • 2 minutes to read

Microsoft Tech Summit 2018, Amsterdam (This post)

February 27, 2018 by Jesper Nielsen • 2 minutes to read