Ignite 2017: Interesting Windows Defender ATP Training Sessions
Published Oct 18 2017 12:43 AM 2,797 Views
  • Sessions 1-6:  core Windows Defender ATP - overview, detect investigate and respond
  • Sessions 7-9:  the rest of Win10 security stack technologies surfaced by WDATP
  • Session 10-11: background about indicators of attack and Microsoft red team.


Session title




Drill down: What's new in the Fall Creators Update for Windows Defender ATP

With the Fall Creators Update, Windows Defender ATP unifies your endpoint security stack, by putting Windows 10 threat & exploit protection and EDR under one roof. You have a single console to centrally manage your end-to-end security management lifecycle from Security Operations

Heike Ritter


Thorsten Henking


Windows Defender ATP machine learning: Detecting new and unusual breach activity

Microsoft invests in next-gen security to protect from malicious downloads and targeted threats by consolidating data and building systems that learn from data. These machine learning (ML) systems flag and surface threats that may go unnoticed. By augmenting human analysis, ML drives an antimalware evolution with SmartScreen and Windows Defender Antivirus, providing real-time detection of unknown, polymorphic malware.

Christian Seifert


Holly Stewart


Shay Kels


Investigate and shut down attacks more precisely than ever before with Windows Defender ATP

Attacks are getting more and more sophisticated - what you want is a single solution that helps you with the right detections and comes with all the tools you need to hunt them down!

Raviv Tamir


Automated response with Windows Defender ATP

With the advanced detection capabilities of Windows Defender ATP, customers have more visibility into threats than ever before. While visibility is tremendously important, security teams still struggle to follow up on the alerts they see manually...until now

Nathan Burke


Heike Ritter


Windows Defender ATP now extends beyond Windows clients

Did you ever dream of having full visibility into whats happening across all your endpoints? Your dream comes true! With the next Windows 10 Update, Windows Defender ATP provides you with more signals across your network, by adding support for additional platforms.

Raviv Tamir


How Microsoft uses Windows Defender ATP: Welcome to a SecOps world

Come and see how Microsoft IT uses Windows Defender Advanced Threat Protection (ATP) - day in, day out, to protect, detect and investigate threats, and respond to suspicious activities on endpoints.

Brian Hooper


Next-gen preventative protection with Windows Defender Advanced Threat Protection


Our customers are facing a difficult threat landscape, one where if you're targeted by a sophisticated attacker, they very likely will be able to compromise a device or maybe your entire network. Today's solutions are helping but they are nowhere near complete. With Windows Defender Advanced Threat Protection (ATP) we will offer a fully integrated and manageable solution that blurs the lines between endpoint protection (EPP) and endpoint detection and response (EDR) and raises the bar for security to a new level that hasn't been reached by today's solutions. 

Chris Hallum

[focus on: Windows Defender App Guard, App Control, Device Guard, Exploit Guard and AV technologies]


Windows Defender Exploit Guard: Reducing the Attack Surface while balancing productivity &


Windows Defender Exploit Guard enables enterprise admins to smartly manage the configuration and behaviors of the operating system and their applications, thereby limiting the attack surface of their apps and the OS, stopping exploits/raising the cost for exploitation, and containing damage.



Next-Gen AV: Windows Defender Antivirus unleashed

Windows Defender Antivirus is a next-gen enterprise-grade antivirus solution, built into Windows. WD AV uses the power of the cloud, wide optics, machine learning, and behavior analysis to rapidly respond to emerging, sophisticated threats and protect your devices against them. Come and learn everything you need to know about Windows Defender AV.


Amitai Rottem


Your attacker thinks like my attacker: A common threat model to create better defense

For the last decade, the security industry has been focusing on enumerating indicators of attacks, rather than invariant techniques. Recently, defenders realized that the key to better detections is the deep knowledge of the individual ammunitions which combined together makes a successful attack across the entire kill chain. In this talk, we'll deep dive into examples of common attacker techniques and show how measurable knowledge of such techniques can be used to improve detection, design of networks and fuel security products like WDATP.

Elia Florio research lead, WDATP


Jessica Payne


Red Teaming Windows: Building a better Windows by hacking it

For generations of Windows releases we've relied on the Security Development Lifecycle (SDL), Threat Modeling, and other processes to help identify security weaknesses in our designs and implementations and now with Windows 10 we've added another key tactic to our approach which is to use Red Team tactics. This process which started in Windows 8 has been scaled out and has become central to our engineering process. Come join us to learn how the Windows Red Team helps us build a better Windows by hacking it!

David Weston

Version history
Last update:
‎Oct 18 2017 12:49 AM
Updated by: