Improve security and simplify operations with Windows Defender Antivirus + Morphisec

Credit to Author: Todd VanderArk| Date: Tue, 27 Aug 2019 16:00:04 +0000

My team at Morphisec (a Microsoft Intelligent Security Association (MISA) partner) often talks with security professionals who are well-informed about the latest cyberthreats and have a longterm security strategy. The problem many of them face is how to create a stronger endpoint stack with limited resources. Towne Properties is a great example. We recently helped them simplify operations and increase endpoint security with Windows Defender Antivirus and Morphisec for advanced threat prevention.

The challenge: increase endpoint security and simplify operations

Towne Properties is a leading commercial and residential property management company in the Midwest. Our customer, Bill Salyers, the IT Director at Towne Properties, recently migrated the company to Windows 10 to adopt its embedded security features, including Windows Defender Antivirus. Yet he remained concerned about advanced zero-day attacks that bypass antivirus solutions and cause damage to the firm and its clients.

When we met Bill, Towne Properties used a commercial third-party antivirus. The product protects against known attacks, but it didn’t prevent zero-day, evasive memory attacks, which are increasing at a rapid rate. Bill needed to address this gap in his endpoint protection but couldn’t deploy another security detection tool given the lean composition of his security team. They just didn’t have the resources and bandwidth to manage another tool. Bill required better endpoint protection and simplified operations.

“At Towne, our goal is to make our endpoints as secure as possible from advanced threats, while simplifying our environment and maintaining fixed budgets.”
—Bill Salyers, IT Director, Towne Properties

Windows Defender Antivirus provides built-in endpoint protection

When we learned that Towne Properties needed a lightweight solution that would improve endpoint protection, we reintroduced Bill to Windows Defender Antivirus. Built into Windows 10, Windows Defender Antivirus protects endpoints against known software threats like viruses, malware, and spyware across email, apps, the cloud, and the web.

Bill performed a thorough evaluation of Windows Defender Antivirus and was thrilled to find that it compared favorably in terms of efficacy and capabilities to their incumbent third-party antivirus. With no installation required or new interface to learn, his team was able to quickly eliminate a third-party tool and reduce their total cost of ownership (TCO).

“Windows Defender Antivirus met all our requirements at no incremental cost. We replaced our third-party antivirus without sacrifice.”
—Bill Salyers, IT Director, Towne Properties

Screenshot of the Morphisec Moving Target Defense dashboard.

Morphisec adds a new layer of prevention

The money Bill saved dropping the third-party antivirus gave him more flexibility to address zero-days and memory-based attacks. He invested in Morphisec, which is based on their highly innovative Moving Target Defense technology. Morphisec Moving Target Defense stops unknown attacks by morphing critical assets to make them inaccessible to the adversary and killing the attack pre-execution. Morphisec is integrated with Windows Defender Antivirus and extends Towne Properties’ endpoint protection to include zero-days, advanced memory-based threats, malicious documents, and browser-based attacks. It’s lightweight and easy to manage, which is important to Bill. The integration with Windows Defender Antivirus allowed Towne to achieve both better protection and simpler operational management with visibility through a single pane of glass.

Infographic which reads: Endpoint Application; Keyless, one-way randomization each time an application loads; application memory (both original and morphed).

Figure 1: As an application loads to the memory space, Morphisec morphs the process structures, making the memory constantly unpredictable to attackers (Source: Morphisec website).

Infographic which reads: Endpoint Application; Malicious code injection; legitimate code runs seamlessly with the morphed application structure; call to original resources exposes and traps the attack; Skeleton/Trap; and Application memory (morphed).

Figure 2: Legitimate application code memory is dynamically updated to use the morphed resources; applications load and run as usual while a skeleton of the original structure is left as a trap. Attacks target the original structure, fail to execute, and are trapped.

“We chose Morphisec because Moving Target Defense’s highly innovative approach prevents the most dangerous unknown memory-based attacks.”
—Bill Salyers, IT Director, Towne Properties

The Morphisec and Microsoft partnership supports Towne Properties’ cybersecurity roadmap

One reason Bill and his management team were so enthusiastic about Morphisec and Windows Defender Antivirus is because it supports their overall security plan. Towne Properties is a Microsoft shop aligned with the Microsoft cybersecurity strategy. Morphisec also integrates with Microsoft Defender Advanced Threat Protection (ATP), which allows Towne Properties to seamlessly chart their Microsoft and Morphisec journey.

“It was also important to learn how Microsoft has partnered closely with Morphisec. Morphisec integrates with Microsoft Defender ATP, giving us high confidence to continue down the Microsoft and Morphisec journey.”
—Justin Hall, Security Specialist, Towne Properties

Windows Defender Antivirus and Morphisec Moving Target Defense are better together

Windows Defender Antivirus and Morphisec Moving Target Defense offer the following features:

Windows Defender Antivirus:

  • Delivers leading machine learning and behavior-based antimalware and threat protection.
  • Is built into Windows 10 at no additional cost.
  • Requires no installation—just turn on features in Windows 10.

Morphisec Moving Target Defense:

  • Delivers an entirely new layer of deterministic prevention against the most advanced and most damaging threats to the enterprise, including unknown attacks, zero-days, ransomware, evasive fileless attacks, and web-borne attacks.
  • Simple to manage and extremely lightweight with zero impact on operations.
  • Virtually patches vulnerabilities.
  • Integrates with Microsoft Defender ATP to visualize attacks prevented by Morphisec and incorporate threats identified by Morphisec in the Microsoft Defender ATP dashboard.

Morphisec + Microsoft:

  • Provides superior endpoint protection at an affordable cost.
  • Is simple to deploy, manage, and maintain.

“Morphisec with Windows Defender Antivirus offers a truly set it and forget it solution. Morphisec’s lightweight design coupled with Windows Defender Antivirus provides strong endpoint security, the best value, and a simpler operational environment.”
—Bill Salyers, IT Director, Towne Properties

Learn more

The post Improve security and simplify operations with Windows Defender Antivirus + Morphisec appeared first on Microsoft Security.

https://blogs.technet.microsoft.com/mmpc/feed/

Leave a Reply