Category: MDE

Microsoft Purview: Endpoint DLP Part 2

In this blog post, I will now go into more depth of the different features.

I present the individual protection options with examples and screenshots.

Use case:

A member of the supervisory board, Dr. Ludwig K., works with sensitive data of level C-4.

C-4 is the most sensitive data and any leakage can severely harm the enterprise.

The naming could be different in other companies or enterprises, but the bottom line is, everything boils down to “strictly confidential”.



Continue reading

Windows Defender ATP: the lost boys – Mac & Linux

At RSA 2019 I’ll be speaking about the Lost Boys: How Linux and Mac Intersect in a Windows-Centric Security World. We often see that Windows has such a large market share as the platform of choice, it can render Linux and Mac the Lost Boys in the world of security. This is also reinforced by the fact that the management of the two platforms for enterprise environments is simply not comparable to the administration of Windows client or server operating systems. But from the perspective of a security officer, this is as important as necessary. In November 2017, Microsoft announced that it will extend Windows Defender ATP partners across platforms. With that, the public availability of the WDATP integration of Ziften, Bitdefender and Lookout went live. With this comprehensive approach, Microsoft unites forces against cyber threats and adds lack of knowledge about behavior-based security solutions on these platforms through the industry expertise of its partners. This integration has now been extended to include two additional platforms, SentinelOne and Corrata. In this blog post I’ll give you a first introduction how the integration with Ziften can be done. Later we will have a look how the agent behaves on Mac and Linux machines with two different examples of real world attacks, that we have seen in the past couple of months.

Continue reading
© 2022 IT-Pirate