Identity Onpremises Devices Apps Data Onpremises Combined Microsoft

Identity On-premises Devices Apps Data

On-premises

Combined Microsoft Stack: Maximize detection coverage throughout the attack stages The Microsoft Security Model

Combined Microsoft Stack: Maximize detection coverage throughout the attack stages The Microsoft Security Model User receives an email Opens an attachment Clicks on a URL Office 365 ATP Email protection User browses to a website User runs a program Exploitation

Combined Microsoft Stack: Maximize detection coverage throughout the attack stages The Microsoft Security Model User receives an email Opens an attachment Clicks on a URL Office 365 ATP Email protection User browses to a website User runs a program Exploitation Installation C&C channel Windows Defender ATP End Point protection

Combined Microsoft Stack: Maximize detection coverage throughout the attack stages The Microsoft Security Model User receives an email Opens an attachment Clicks on a URL Office 365 ATP Email protection User browses to a website User runs a program Brute force an account Exploitation Installation C&C channel Windows Defender ATP End Point protection Reconnaissance Lateral Movement Domain Dominance

Combined Microsoft Stack: Maximize detection coverage throughout the attack stages The Microsoft Security Model User receives an email Opens an attachment Clicks on a URL Office 365 ATP Email protection User browses to a website User runs a program Brute force an account Exploitation Installation C&C channel Windows Defender ATP End Point protection Reconnaissance Lateral Movement Azure ATP Identity protection Domain Dominance

Detect advanced attacks in your on-premises, cloud and hybrid environments Azure ATP APPS

! 1 Collect 2 • Port Mirroring or Sensor on DC • L 7 Deep Packet Inspection (DPI) • Hybrid data&sources Analyze Learn 3 • Self-learning and profiling technology • Patented IP resolution mechanism • Unlimited scale powered by Azure Detect 4 Azure ATPSENSOR AD ADFS APPS HR SIEM • Abnormal behavior and suspicious activities • Real-breach oriented research Alert & Investigate • Microsoft Intelligence • Intuitive attack timeline • Quick triaging of alerts • Investigate via the dedicated Profile Page or Windows Defender ATP

Detect advanced attacks in your on-premises, cloud and hybrid environments Azure ATP APPS

http: //aka. ms/azureatp

https: //myignite. microsoft. com/evaluations https: //aka. ms/ignite. mobileapp