8. App Locker
Windows
Defender AV
Bit Locker
TPM
Windows Hello
LAPS
PAW
Credential
Guard
Device Guard
EMET
UAC
Windows
Firewall
Smart Screen
Defender ATP
Application
Guard
Exploit Guard
GPO
Audit Policy
LSA
Protection
Windows
Update
Secure Boot
IPSEC
Windows
Information Protection
Thin Client
AutoVPN
OneDrive
MDM
DEP
9.
10.
11.
12.
13.
14.
15.
16. O F F
M A C H I N E
O N
M A C H I N E
P R E - B R E A C H
Windows Defender
Antivirus
Behavioral Engine
(Behavior Analysis)
▪ Process tree
visualizations
▪ Artifact searching
capabilities
▪ Machine Isolation
and quarantine
Windows
Defender ATP
(Advanced Threat
Protection)
▪ Enhanced behavioral
and machine
learning detection
▪ Memory scanning
capabilities
O365 (Email)
▪ Reducing email
attack vector
▪ Advanced sandbox
detonation
Edge (Browser)
▪ Browser hardening
▪ Reduce script based
attack surface
▪ App container
hardening
▪ Reputation based
blocking for
downloads
▪ SmartScreen
P O S T - B R E A C H
End to End Protection
O F F
M A C H I N E
Windows Defender
Antivirus
(AV)
▪ Improved ML and
heuristic protection
▪ Instantly protected
with the cloud
▪ Enhanced Exploit Kit
Detections
One Drive
(Cloud Storage)
▪ Reliable versioned
file storage in the
cloud
▪ Point in time file
recovery
App Guard
(Virtualized Security)
▪ App isolation
Locked Down
Devices
▪ Windows 10S
▪ Device Guard
▪ Credential Guard
▪ VSM
Windows
Defender Exploit
Guard
(HIPS)
Attack Surface
Reduction
• Set of rules to
customize the attack
surface
Controlled Folder
Access
• Protecting data
against access by
untrusted process
Exploit Protection
• Mitigations against
memory based
exploits
Network
Protection
• Blocking outbound
traffic to low rep
sources
Application Control
(Whitelisting)
▪ Whitelisting
application
