Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Microsoft Defender ATP [Attack Simulation & Investigation] Demos

Iron Contributor

Hi Community, 

 

If you are new to Microsoft Defender ATP or want to see a series of demos on how the product can help your organization, check out this:

 

 

In this demo, you learn how to onboard a machine to Microsoft Defender ATP by using a local script that you run on your Windows machine. I was honored to be speaking at the first Security BSides Conference in Amman Jordan [20 April 2019 - ASU]. As requested by many attendees, I am making this ...
2 Replies

@Ammar Hasayen  thank for the info! However, we are facing an issue when running the Simulation #1 when opening the docm file in Word. AMSI is getting in the way. We did "unblock" the file from the properties of the document and even allowed all macros from the Trust Center.

 

Any idea how to pass that AMSI security message and finalize the simulation?

 

Thanks!

Charles

@Chuck99  thanks for your feedback.

 

Im my demo, I am using the latest Windows 10 machine that is not joined tot he domain and does not have any thing installed on it but Office to open the document. I am not sure I did anything special to make that work.