Discover and read the best of Twitter Threads about #wdatp

Most recent (4)

Office 365 Automated Investigation and Response (AIR) coming soon to ATP P2 or Office 365 E5 tenants. In this video I am showing one of the playbooks triggered by an Alert from Security and Compliance Center.
An Alert was triggered because malware was detected and removed from user mailbox after email message delivery. AIR analyzed: who else received similar emails, if user that received the malware violated DLP rules, had mailbox forwarding configured
or had any anomalies in sign-in activities. Investigation was also continued by Microsoft Defender ATP on user's workstation. Instead of collecting this information manually from different tools I had all that done automatically and report was presented to me.
Read 4 tweets
A roundup of tweets from 2017 about learning and exploring security follows
Incorporate the security mindset to see security issues where others see reliability problems:
• Hardcoded Metasploit addresses in crashes:
• Support case:
Read 9 tweets
Liberté, Égalité, and Scheduled Tasks!?! File under: more things Excel should not be doing. #DFIR #WDATP
Sample hash: 214cd857955ed59f404f5b9fb76751eb4c2b45f4c2b9b821903d8f6c5269d810
Malware and how it shows up in #WDATP. @SwiftOnSecurity per your request 🙏
Read 3 tweets
1) If you defend Windows endpoints: New memory & kernel sensors, rapid quarantine/isolate remediation options, and investigation aids #WDATP
3) And trial it yourself: aka.ms/wdatp 💪
Read 3 tweets
