Cool blog on how Defender uses Virtualization-based attestation to find kernel attacks in-the-wild: https://www.microsoft.com/security/blog/2019/07/31/how-windows-defender-antivirus-integrates-hardware-based-system-integrity-for-informed-extensive-endpoint-protection/ …
-
It depends if you are in the security industry, or in the security product industry ;). I have insufficient insight into what it does, but I suspect the prime effect will be “even more protected processes” because existing protected processes weren’t a bad enough idea yet.
-
On the plus side, this is progress along the axis of turning security into a DRM-style cat & mouse game with jobs for attackers & defenders (and users losing ;).