Advanced Threat Hunting with Windows Defender ATP

Advanced Hunting is an exciting feature of Windows Defender ATP that gives you deep insight into your environment, but learning how to use it can be difficult. We'll dive deep into the Kusto Query Language (KQL) you need to use, helping you master not just the fundamentals but also tips and tricks for query optimization, so you can see results faster and solve problems more easily!

Then, we'll explore the schema, looking at real-world examples where we dive deep into the data to surface adversary behavior, or even configuration gaps. You'll walk away better able to defend your environment by leveraging the power of Windows Defender ATP!

Session information

Track: Security
Time and date: 07/02/2019, 13:20 - 14:20
Location: Room 1


Chris Jackson

Company: Microsoft
Position: Principal Architect