8. AppLocker
Windows Defender AV
BitLocker
TPM
Windows Hello
LAPS
PAW
Credential Guard
Device Guard
EMET
UAC
Windows Firewall
SmartScreen
Defender ATP
Application Guard
Exploit Guard
GPO
Audit Policy
LSA Protection
Windows Update
Secure Boot
IPSEC
Windows Information Protection
Thin Client
AutoVPN
OneDrive
MDM
DEP
16. OFF MACHINE
ON MACHINE
PRE-BREACH
Windows Defender Antivirus Behavioral Engine (Behavior Analysis)
▪ Process tree visualizations
▪ Artifact searching capabilities
▪ Machine Isolation and quarantine
Windows Defender ATP (Advanced Threat Protection)
▪ Enhanced behavioral and machine learning detection
▪ Memory scanning capabilities
O365 (Email)
▪ Reducing email attack vector
▪ Advanced sandbox detonation
Edge (Browser)
▪ Browser hardening
▪ Reduce script based attack surface
▪ App container hardening
▪ Reputation based blocking for downloads
▪ SmartScreen
POST-BREACH
End to End Protection
OFF MACHINE
Windows Defender Antivirus (AV)
▪ Improved ML and heuristic protection
▪ Instantly protected with the cloud
▪ Enhanced Exploit Kit Detections
OneDrive (Cloud Storage)
▪ Reliable versioned file storage in the cloud
▪ Point in time file recovery
App Guard (Virtualized Security)
▪ App isolation
Locked Down Devices
▪ Windows 10S
▪ Device Guard
▪ Credential Guard
▪ VSM
Windows Defender Exploit Guard (HIPS)
Attack Surface Reduction
• Set of rules to customize the attack surface
Controlled Folder Access
• Protecting data against access by untrusted process
Exploit Protection
• Mitigations against memory based exploits
Network Protection
• Blocking outbound traffic to low rep sources
Application Control (Whitelisting)
▪ Whitelisting application