Windows Defender Exploit Guard for Windows 10

  • Tuesday, 30 Oct 2018 3:30PM EDT (30 Oct 2018 19:30 UTC)
  • Speaker: Stephen Sims

With July 2018 marking the end of life for Microsoft's Enhanced Mitigation Experience Toolkit (EMET) utility, the new path forward in regard to cutting-edge exploit mitigations is Windows Defender Exploit Guard. Available only on Windows 10 starting with the Fall 2017 Creators Update, Exploit Guard carries on the controls from EMET, along with new ones, to help prevent successful exploitation of a vulnerability.

In this presentation, join SANS Faculty Fellow, Stephen Sims to take a look at the various controls available, how they work, and their potential concerns. This material comes as a great supplement and introduction to the course SEC599: Defeating Advanced Adversaries: Purple Team Tactics & Kill Chain Defenses.