Microsoft Defender for EndPoint Tech Overview!
Вставка
- Опубліковано 5 лип 2024
- This time it’s the turn of Microsoft Defender for EndPoint and in this session I’ll provide an overview of some of it’s cool capabilities. With cybercriminals on the rise, defending your environment has never been so important. Defender for Endpoint can play a critical part at keeping the bad guys out. It’s a critical component in Microsoft’s zero trust strategy and not only helps in keeping the bad guys out, it also provides deep insights into what there doing and what threats they bring. So if you’re looking to get a start in learning this cool technology, then this is a session you won’t want to miss.
You can find out more about me and my services via my website Andymalone.org
Other videos in this series
Defender for Cloud
• Get started with Micro...
Microsoft Azure Sentinel
• Get Started with Azure...
Genuinely look forward to all your videos. Have many on my 'watch later' playlist so I can study them. Appreciate you sharing your knowledge.
Thank you Andy! I'm a Technical Pre-sales, recently my company assigned me to follow up the MS 365 Defender product line. Thank you for the whole MS 365 Defender series videos. Saved a lot of time & you have "pinpoint" the proper deployment procedures.
Thank you Andy for all your tutorials. big help for us. keep going. 😃
Thank you.. am beginner in this and learned alot
A very useful & detailed navigational insight &
Another great one. Didn't even see this one!
Thank you kindly👍
Andy, content is fantastic 👌
Thanks Ted, I appreciate it
Thank you👍
Love this tutorial. even better than microsoft documentation and embedded videos. microsoft documentation is like up selling
Delighted to hear that thank you so much
Great video . Thanks Andy...!!! Do you plan do more Exchange online Video's ? Greatly appreciated...!!
Hi Andy, great content. I have a question. Are the recommendations that are visible in Vulnerability Management in Microsoft Defender for Endpoint coming from Qualys or from Microsoft themselves? Thanks
I’m afraid that is a question for the product team. I would reach out to them via the Microsoft defender for endpoint blog or via Microsoft tech community. Good luck.
Nice explanation! I was wondering if there’s a way to set automation behavior where the device will get isolated by default if a specific incident happens, for instance, ransomware incident..etc Thanks
Absolutely. If ransomeware is detected. Defender will isolate the machione from your network, allowing to perform an investigation. techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/defending-against-ransomware-with-microsoft-defender-for/ba-p/3243941
Thank you Andy. A question: In this video you are showing Windows Server 2019 in the endpoint inventory. What this server on-boarded just like windows 10/11 or did you have to have a specific/separate licence/plan for servers?
It’s on boarded through a hybrid joint. As I said in the video you cannot manage it in tune only view it in Entra ID. You can manage it through conditional access though.
Can you please kindly make a video on how to install Microsoft Defender Identity Protection or Azure Defender Identity Protection in Windows Server 2016/2019 or 2022
Love the video Andy whats best way to block software through Defender Portal? Through ASR or some other way?
You can use defender for cloud apps or Intune
@@AndyMaloneMVP Sorry I should have put in that I am running a WDAC policy and want to put to in exclusions for certain software, is there a best way to do this? thanks again Andy much appreciated
Do you know of any courses that you can recommend to really learn the Defender platform? Thanks Andy. I appreciate all your work.
Yea I’d study SC-200👍
Hello Andy. As always, a great video!
It is possible to make a video to show us how to bring the security score to an higher level? And this without ASR? Because not every Company use the Defende as a primery Solution for Anti-Virus.
Sure, I’ll add it to my list 😊
MS is owning the XDR/security realm!
@3:30 - how does one use Intune to auto onboard a Win 10/11 device?
what is this onboarding package? how do you use it?
Click on the endpoint option in defender for 365 within settings
Thanks for great stuff as always
I have a question , i applied forwarding on shared mailbox to an external email. Emails which are coming internally (same domain) to shared mailbox are being forwarded to external email normally.
But if it comes from a different domain then it directs the mail to our CEO email.
We have catch all rule which directs the mail to our CEO's mailbox.
Could you please advise on this
Mail on which it
Not sure sorry. Sounds like a conflict n one of your rules.
@@AndyMaloneMVP
I am trying to login to the outlook, but it gives the error : we couldn't sign in , error code is 80070005
It's a 365 email
I have already removed the account from Access work or school
@@bablukhanna9156 if I were you, I would post a question on the Microsoft tech community. I think you’ll probably get somebody helping you here. Best of luck
i am unable to install defender agent getting error on all windows 2012R2 servers 2012 R2 - MpAsDesc.dll 310
Post a question to the Microsoft Tech Community.
My Question is, after investing in MS Defender, you still have Ransomware infection! What’s the point of having the defender! Does defender ship with restore to previous good state like SentinelOne does?
If you watched my demo, you’ll notice that one of the first things that I did was to isolate that machine from others on the network. That is the point of defender, it allows you to be proactive rather than reactive when an incident takes place. The isolation and cleanup can also be automated of course.
@andy the question I normally face is what I’m putting to you, with defender why do I still get Ransomware infection? And not block or stop it from the beginning like how it’s able to block or quarantine any other malware
@@roose_tv you wouldn’t. This was a demo to demonstrate it. For more details, check out docs.microsoft.com or visit the Microsoft tech community for more details.
@@roose_tv defender aside, are use a feature called safe attachments and safe lengths which comes part of Microsoft defender for 365. Detaches attachments scans them and cleans them before reattaching them. I find excellent removing said malware.
@@roose_tv You make it sound like there is an infallible security product capable of stopping any ransomware... the best that ANYONE can do currently against it is prevention and containment and... hope for the best.
There are too many defender products. Defender Application Guard is good subject.