Forum Widgets
Latest Discussions
Announcing a Windows 10 security AMA on June 21st!
We are very excited to announce an upcoming opportunity to 'Ask Microsoft Anything' (AMA) about Windows 10 security! The AMA will take place on Wednesday, June 21, 2017 from 8:00 AM to 9:00 AM Pacific Time in the Windows 10 security space. If you aren't familiar with the concept, an AMA is a live online question-and-answer event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit. The Windows 10 security AMA will give you the opportunity to connect with members of the Windows engineering and product teams, who will be on hand to answer your questions and listen to feedback about: Windows Defender Advanced Threat Protection Windows Defender Antivirus Windows Defender AppGuard Windows Hello for Business Credential Guard Device Guard Don't miss this opportunity. Add the event to your calendar. We hope to see you there!Welcome to the Windows 10 security AMA!
We will spend this hour discussing Windows 10 security technologies, best practices, tips, and tricks with the Windows product and engineering teams. To submit a question, click "Start a new conversation" in the Windows 10 security space--and do this for each new question. This will enable us to easily identify and answer your questions. If you are looking for help with a specific issue, please visit the Windows IT Pro forums on TechNet. After the event, we will make a summary of the AMA and post it to the group. To get started, please introduce yourself as a reply below!
Harden Windows 10
for a while I have been aware of this Microsoft documentation, which is very useful for hardening windows 10: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection but now there is also this Microsoft documentation: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework (note that you have to impliment 5+4 to reach level 4, and 5+4+3 to reach level 3 etc) be aware that there is overlap between the two and a lack of step by step information about how to impliment and enable some features but such information can usually be found within https://docs.microsoft.com/en-us/windows/security/threat-protection here is also a good overview of the security boundaries, features, and mitigations in windows 10: https://www.microsoft.com/en-us/msrc/windows-security-servicing-criteria this is all targetted at enterprise but I have found it useful even on my own consumer devices I would be grateful if a lot of these Microsoft recommended security features and mitigations weren't disabled by default enjoy! - bearyRequest for feedback [Bitlocker on Removable Drives]
Hello community! Microsoft recognizes importance of encryption of removable drives and is working on improving existing Bitlocker technology in this area. This would include automatic encryption of removable storage, exemption of specific drives and storing recovery password for such drives in the cloud. We are looking for feedback from the customers that are interested in this functionality to better understand their needs. Please fill out below survey, survey is anonymous and will help us build this feature for you. https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR0rHZIfVzkRDkd2nogRfyjpUNEZQTzJGTUxZT08xNkEyWFBTSlgxRERKWC4u Best Regards Rafal Sosnowski Program Manager Windows Core Data Protection TeamTurn on Mandatory ASLR in Windows Security
I've been using it for quite a while now, it caused no problems or errors with any legitimate programs, games, anti cheat systems etc other than with some "custom" made portable programs. it's Off by default, when you turn it on, you will have to restart your device. Address space layout randomization Address space layout randomization (ASLR) is a computer security technique involved in preventing exploitation of memory corruption vulnerabilities. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, ASLR randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack, heap and libraries. The Linux PaX project first coined the term "ASLR", and published the first design and implementation of ASLR in July 2001 as a patch for the Linux kernel. It is seen as a complete implementation, providing also a patch for kernel stack randomization since October 2002.[1] The first mainstream operating system to support ASLR by default was the OpenBSD version 3.4 in 2003,[2][3] followed by Linux in 2005. https://en.wikipedia.org/wiki/Address_space_layout_randomization https://blogs.technet.microsoft.com/srd/2017/11/21/clarifying-the-behavior-of-mandatory-aslr/ Other options that are tuned off by default and you should enable to make your Windows device more secure With the increasing number of threats in cyber security and new ransomwares, If you are only relying on Windows 10's built in security and not using any 3rd party AV such as Kaspersky, you must enable these features to keep yourself secure. Hope everyone stay safe!
My Wish: A full fledged firewall for Windows 10
I have used Windows software for years. I have always purchased software to protect my Windows systems. I would really like to see Microsoft step up the protection for a home/portable PC, to meet the environment that a home/portable PC lives in. Plainly put, the internet is dangerous for what exists on a 24 hr. basis. The are people with bad intentions that are constantly scanning the internet, looking for vulnerable systems. Home/portable PC's do not have the capability of having IT experts monitoring their security needs, or providing ivulnerability detection scans. There are no 'red hat' teams running around scanning systems, to help protect the systems. There are plenty of 'black hat' teams scanning, to the detriment of normal computer owners. I installed a new wireless router and within five minutes, I had scans coming from Russia, Ukraine, and Pakistan. Having worked with servers previously, I really would like more software control over what accesses my system. I would like to have contol to block: Countries IP addresses Scripts Crawlers I would be even happy having a single switch, which if flipped, would disallow any IP address outside of the United States. The reality though is that there are many bad people within the United States, using US addresses, who are attacking sites. I would like to see a real functioning firewall developed for user control, built into Windows software. This software would perform blocking activities, internally & externally (i.e. if a user selected foreign country blocking, it would disallow foreign country access from the internet, and would block any attempt to connect to/communicate with a foreign system). Yep, call me a dreamer!That's a wrap! Windows 10 security AMA
It's 9:00 a.m. and our Windows 10 security AMA has come to a close. Thank to all who joined us today! We will put together a summary of what was covered during the AMA and share it here. We hope you will continue ask questions, share tips with each other, and share your feedback with us in the Windows 10 security space. See you next time!
