Forum Discussion
Deleted
Jun 21, 2017
Windows Defender ATP - Memory Dump
Hi, when will we be able to do memory dumps for forensics with Defender ATP? A lot of the attacks we see are fileless these days, would be a nice feature! /Mats
- Jun 21, 2017
No I won't be at Inspire this year - skipping just one of all the conferences we have ;) But we have great staff there supporting the Windows Security booth.
Your feedback is taken and I will add a +1 to the list of "customers/partners asking for memory dumps"
HeikeRitter
Microsoft
Jun 21, 2017
Hi Mats,
We are looking into providing this option. You know that with our latest update we enhanced our sensors with detection capabilities for in-memory and kernel-based attacks? Regarding memory dump we received mixed feedback from customers (network bandwidth, lack of expertise to analyse those, time-consuming...) but I would love to hear your scenario, also do you have branch offices and would you collect dumps from those machines too?
Pinku1725
Feb 05, 2023
Copper Contributor
Hi Heike,
Any update on the features and if/when it will get implemented, or is it already implemented? Please update.
- profedinelsonsaldanha Feb 08, 2023 Copper Contributor