runtime attestation – Computer Security Articles

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

July 31, 2019 admin assertion engine, cybersecurity, hardware-based isolation, kernel-mode attacks, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, next generation protection, Privilege Escalation, runtime attestation, Security Intelligence, Threat protection, token swap, token theft, Windows Defender Antivirus, Windows Security

Credit to Author: Eric Avena| Date: Wed, 31 Jul 2019 16:30:35 +0000

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.

The post How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection appeared first on Microsoft Security .

Microsoft Security

Building Zero Trust networks with Microsoft 365

June 14, 2018 admin Azure Active Directory, Azure AD, conditional access, cybersecurity, data breach, Microsoft Intune, runtime attestation, Windows Defender ATP, Windows Defender System Guard, Zero Trust network

Credit to Author: Windows Defender ATP| Date: Thu, 14 Jun 2018 15:00:35 +0000

The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services, and the adoption of Bring Your Own Device (BYOD) model make perimeter security controls irrelevant. Networks that fail to evolve from traditional

Microsoft Security

Virtualization-based security (VBS) memory enclaves: Data protection through isolation

June 5, 2018 admin attestation report, cybersecurity, data protection, Hypervisor Code Integrity (HVCI), Microsoft Azure, runtime attestation, secure memory enclaves, SQL Server, VBS enclaves, virtualization-based security

Credit to Author: Windows Defender ATP| Date: Tue, 05 Jun 2018 16:00:15 +0000

The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCry and Petya ransomware remote code execution capability, resulting in widescale global outbreaks. Windows 10 remained resilient to these attacks,

Microsoft Security

Introducing Windows Defender System Guard runtime attestation

April 19, 2018 admin cybersecurity, runtime attestation, VBS enclaves, virtualization-based security, Windows 10, Windows Defender System Guard

Credit to Author: Windows Defender ATP| Date: Thu, 19 Apr 2018 16:00:57 +0000

At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows platform security technology, fills this need. In Windows 10 Fall Creators Update, we reorganized all system