Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Monitoring with MDATP

Formerly known as Windows Defender, Microsoft Defender is the anti-malware solution that is shipped with Windows. It provides threat detection solutions for Windows desktops and servers, Linux, and macOS. Microsoft Defender, when combined with ATP, becomes the MDATP solution. MDATP not only allows organizations to detect threats, but also provides threat intelligence, analytics, and Endpoint Detection and Response (EDR), and includes automated investigations for the Security Operations Center (SOC) to follow up on alerts.

The capabilities of the MDATP solution can be broken down into the following areas:

  • The Threat & Vulnerability Management feature discovers device vulnerability and misconfigurations using Microsoft Intelligent Security Graph. This provides real-time detection and response insights.
  • Attack surface reduction is used to describe the technology for mitigation of potential attack surfaces using controls such as hardware-based...