Trace Id is missing

Unlock your potential with Microsoft Copilot

Get things done faster and unleash your creativity with the power of AI anywhere you go.
Download the Copilot app
Microsoft Copilot app being utilized to generate pictures of a singing dog, assisting to identify a flower, and helping to generate an email to congratulate a coworker on a promotion.

Windows Defender Advanced Threat Protection - Ransomware response playbook

This playbook discusses how enterprises can leverage Windows Defender ATP to detect, investigate, and mitigate ransomware threats in their networks.

Important! Selecting a language below will dynamically change the complete page content to that language.

Download

  • Version:

    1.0

    Date Published:

    4/17/2017

    File Name:

    Windows Defender ATP - Ransomware response playbook.pdf

    File Size:

    1.7 MB

    This document provides an overview of how enterprise customers can leverage Windows Defender Advanced Threat Protection (Windows Defender ATP) to detect, investigate, and mitigate ransomware threats in their networks. It walks through different stages of incident response and shows how Windows Defender ATP can serve as an invaluable tool during each of these stages. This playbook refers to a real-world infection involving Cerber ransomware, one of the most active ransomware families. It shows how Windows Defender ATP can help catch a specific Cerber variant and, at the same time, catch ransomware behavior generically.

  • Supported Operating Systems

    Windows 10

    Use a web browser or a PDF reader to view this document.

  • No special instructions required.

Follow Microsoft

Back To Top