Stopping data exfiltration dead using Microsoft 365 Endpoint DLP

Protecting sensitive data from risky or inappropriate copying, sharing, transfer, or use is a top priority for any organization. Remote working and data sharing across a plethora of corporate and personally owned devices have created renewed emphasis on providing strong and coordinated protection on the endpoint's employees use every day.

Microsoft Endpoint DLP identifies and protects information on endpoints. It extends the activity monitoring and protection capabilities of DLP to sensitive items that are physically stored on Windows 10, Windows 11, and macOS devices. It delivers three core capabilities: Native protection, seamless deployment, and integrated insights.

In this session, Luke will play the disgruntled employee looking to try and conduct some insider data exfiltration with Jon playing the part of the defenders to try and stop Luke dead in his tracks!

After attending this session, you will understand at a high-level:

What Endpoint DLP is, what are the capabilities and how it can better protect your data
A live demo of Endpoint attacker vs defender
How you can take the insights of Endpoint DLP and integrate it into the Microsoft Sentinel

Technologies in this session will be

Microsoft Teams
Endpoint DLP
Windows 10/11