Event banner

AMA: Device Health Attestation - security benefits and integrations

Event Ended
Thursday, Oct 27, 2022, 11:00 AM PDT
Online

Event details

Ensuring that a platform is healthy and trustworthy is a fundamental vertical in today’s zero trust approach, and this has become one of the keys focuses of recent times. Pre-OS boot continues to rem...
Heather_Poulsen
Updated Dec 27, 2024
Technical Takeoff
mbhmirc's avatar
mbhmirc
Brass Contributor
Oct 23, 2022
Hello, Since this explicitly mentions preboot, will there be support for bitlocker tpm and pin in intune? Microsoft's own recommendation is if an attacker has access to the device it should be protected in this way. The TPM attack can now be done in 15 minutes. How can device attestation prevent such an attack if it happens at a level it can't block? Personal data encryption is a possible fix here but even then it is not suitable for use right now as it's known issues prevent it being used in any real meaningful context in the enterprise.
jeddy_'s avatar
jeddy_
Iron Contributor
Oct 27, 2022
Agreed, BitLocker with PIN is a feature available in MDOP MBAM that sorely needs native support in Intune.
Date and Time
Oct 27, 202211:00 AM - 11:30 AM PDT