You're reading from Windows Ransomware Detection and Protection Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender

Product type Paperback

Published in Mar 2023

Publisher Packt

ISBN-13 9781803246345

Length 290 pages

Edition 1st Edition

Languages

Rust

Tools

Azure

Concepts

Cybersecurity

Author (1):

Marius Sandbu

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1:Ransomware Basics

2. Chapter 1: Ransomware Attack Vectors and the Threat Landscape FREE CHAPTER

3. Chapter 2: Building a Secure Foundation

4. Part 2:Protect and Detect

5. Chapter 3: Security Monitoring Using Microsoft Sentinel and Defender

6. Chapter 4: Ransomware Countermeasures – Windows Endpoints, Identity, and SaaS

7. Chapter 5: Ransomware Countermeasures – Microsoft Azure Workloads

8. Chapter 6: Ransomware Countermeasures – Networking and Zero-Trust Access

9. Chapter 7: Protecting Information Using Azure Information Protection and Data Protection

10. Part 3:Assume Breach

11. Chapter 8: Ransomware Forensics

12. Chapter 9: Monitoring the Threat Landscape

13. Chapter 10: Best Practices for Protecting Windows from Ransomware Attacks

14. Index

Why subscribe?

15. Other Books You May Enjoy

Azure Information Protection

Classifying data is the first part of protecting our data; however, it does not automatically encrypt the data. Therefore, you need to have a product/service that can encrypt data based on the sensitivity labels that have been defined on the data.

While there are many products on the market that have this capability, we are going to focus on a service from Microsoft called Azure Information Protection.

AIP has a wide set of features; it includes a labeling client that can be installed on end users’ machines, which is integrated into the File Explorer and Office applications. This means users can automatically label files and data, which can then be automatically encrypted by the client.

AIP also has an on-premises file scanner that can be used to scan networks and file shares for sensitive content and automatically apply classification and protection labels based on policies that have been defined.

Note

AIP requires a Microsoft E5...