Learn how to set up Attack Surface Reduction rules to block entire types of behaviour, minimising opportunities for attackers to compromise your devices.
Both a strength and weakness of Windows is its amazing support for legacy operations. Unfortunately, many of these types are vulnerable to misuse, such as Office macros executing malware, process creation from PSExec and WMI, or even obfuscated scripts. Attack Surface Reduction rules allow you to block entire types of behaviour, protecting you before antimalware signatures even come into play.
Want more hands on advice to help you get the most out of Microsoft 365 Defender? Sign up for our no-cost, no-obligation, Microsoft 365 Defender Advisory Service to get a one-to-one consultation with our award-winning Microsoft Security experts.
Book in now: www.threatscap...
Follow Us on Linkedin
/ threatscape