Would love if we could have the domain categorization info as part of the Domain page in the Defender portal instead of having to go digging in the web protection reports
#DefenderforEndpoint
#DefenderforEndpoint
November 11, 2024 at 3:05 PM
Would love if we could have the domain categorization info as part of the Domain page in the Defender portal instead of having to go digging in the web protection reports
#DefenderforEndpoint
#DefenderforEndpoint
Having worked extensively with Attack Surface Reduction (ASR) Rules recently, I thought it would be good to share some knowledge in relation to ASR alerting (or in some cases the lack of).
paul-82465.medium.com/asr-rule-ale...
#DefenderforEndpoint #ASR #MDE #AttackSurfaceReduction
paul-82465.medium.com/asr-rule-ale...
#DefenderforEndpoint #ASR #MDE #AttackSurfaceReduction
ASR Rule Alerting — Don’t assume!
Over the last few years I’ve helped many organisations deploy Microsoft Defender for Endpoint, and when it comes to implementing Attack…
paul-82465.medium.com
March 3, 2025 at 10:58 AM
Having worked extensively with Attack Surface Reduction (ASR) Rules recently, I thought it would be good to share some knowledge in relation to ASR alerting (or in some cases the lack of).
paul-82465.medium.com/asr-rule-ale...
#DefenderforEndpoint #ASR #MDE #AttackSurfaceReduction
paul-82465.medium.com/asr-rule-ale...
#DefenderforEndpoint #ASR #MDE #AttackSurfaceReduction
Microsoft 365 Defender for Endpoint - Advanced hunting on suspicion with Kusto Query Language!
@microsoft.com @msftsecurity.bsky.social @github.com @microsoft365.bsky.social #Microsoft #KustoQueryLanguage #EMS #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇👇
github.com/tomwechsler/...
@microsoft.com @msftsecurity.bsky.social @github.com @microsoft365.bsky.social #Microsoft #KustoQueryLanguage #EMS #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇👇
github.com/tomwechsler/...
github.com
December 8, 2024 at 3:20 PM
Microsoft 365 Defender for Endpoint - Advanced hunting on suspicion with Kusto Query Language!
@microsoft.com @msftsecurity.bsky.social @github.com @microsoft365.bsky.social #Microsoft #KustoQueryLanguage #EMS #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇👇
github.com/tomwechsler/...
@microsoft.com @msftsecurity.bsky.social @github.com @microsoft365.bsky.social #Microsoft #KustoQueryLanguage #EMS #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇👇
github.com/tomwechsler/...
✨ #blog An excellent feature to close the gap when endpoints aren’t registering with Entra and not enrolling in Intune as expected.
#MicrosoftEntra #DefenderXDR #DefenderforEndpoint #EndpointSecurity #MicrosoftIntune
wp.me/pb2Sd0-2rZ
#MicrosoftEntra #DefenderXDR #DefenderforEndpoint #EndpointSecurity #MicrosoftIntune
wp.me/pb2Sd0-2rZ
How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?
One of the popular queries I have got by working with many customers for their Defender for Endpoint deployment projects is We need the Defender Security Policies to be assigned and working as soon…
wp.me
November 27, 2024 at 3:33 PM
✨ #blog An excellent feature to close the gap when endpoints aren’t registering with Entra and not enrolling in Intune as expected.
#MicrosoftEntra #DefenderXDR #DefenderforEndpoint #EndpointSecurity #MicrosoftIntune
wp.me/pb2Sd0-2rZ
#MicrosoftEntra #DefenderXDR #DefenderforEndpoint #EndpointSecurity #MicrosoftIntune
wp.me/pb2Sd0-2rZ
Looking for a contact within Microsoft who can tell me more about this : . It's in beta and a customer wants to know when this is out of beta. #security #defenderforendpoint #defender
docs.microsoft.com/en-us/microsof…
docs.microsoft.com/en-us/microsof…
November 25, 2024 at 10:37 PM
Looking for a contact within Microsoft who can tell me more about this : . It's in beta and a customer wants to know when this is out of beta. #security #defenderforendpoint #defender
docs.microsoft.com/en-us/microsof…
docs.microsoft.com/en-us/microsof…
[Tip!] Still running MMA for Defender for Endpoint on older Windows Servers/Clients? Not sure? Then check out these queries:
github.com/alexverboon/...
#DefenderForEndpoint #Security #StayCurrent
github.com/alexverboon/...
#DefenderForEndpoint #Security #StayCurrent
February 5, 2025 at 9:48 PM
[Tip!] Still running MMA for Defender for Endpoint on older Windows Servers/Clients? Not sure? Then check out these queries:
github.com/alexverboon/...
#DefenderForEndpoint #Security #StayCurrent
github.com/alexverboon/...
#DefenderForEndpoint #Security #StayCurrent
#DefenderForEndpoint
Having fun looking through ASR data 🧐
DeviceEvents
| where ActionType == "AsrOfficeMacroWin32ApiCallsAudited"
| where InitiatingProcessCommandLine contains 'Downloads'
Having fun looking through ASR data 🧐
DeviceEvents
| where ActionType == "AsrOfficeMacroWin32ApiCallsAudited"
| where InitiatingProcessCommandLine contains 'Downloads'
November 17, 2024 at 10:53 PM
#DefenderForEndpoint
Having fun looking through ASR data 🧐
DeviceEvents
| where ActionType == "AsrOfficeMacroWin32ApiCallsAudited"
| where InitiatingProcessCommandLine contains 'Downloads'
Having fun looking through ASR data 🧐
DeviceEvents
| where ActionType == "AsrOfficeMacroWin32ApiCallsAudited"
| where InitiatingProcessCommandLine contains 'Downloads'
Microsoft 365 Defender for Endpoint - Microsoft Graph and PowerShell - List alerts for advanced hunting!
@microsoft.com @microsoft365.bsky.social @github.com @mvpaward.bsky.social #Microsoft #MicrosoftGraph #PowerShell #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇
github.com/tomwechsler/...
@microsoft.com @microsoft365.bsky.social @github.com @mvpaward.bsky.social #Microsoft #MicrosoftGraph #PowerShell #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇
github.com/tomwechsler/...
Microsoft_Graph/Microsoft_365/Defender/Defender_alerts.ps1 at main · tomwechsler/Microsoft_Graph
Manage Azure and Microsoft 365 with the Microsoft Graph PowerShell SDK! - tomwechsler/Microsoft_Graph
github.com
December 10, 2024 at 4:48 PM
Microsoft 365 Defender for Endpoint - Microsoft Graph and PowerShell - List alerts for advanced hunting!
@microsoft.com @microsoft365.bsky.social @github.com @mvpaward.bsky.social #Microsoft #MicrosoftGraph #PowerShell #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇
github.com/tomwechsler/...
@microsoft.com @microsoft365.bsky.social @github.com @mvpaward.bsky.social #Microsoft #MicrosoftGraph #PowerShell #mvpbuzz #Security #coolstuff #DefenderForEndpoint
👇👇👇
github.com/tomwechsler/...
Identifying vulnerabilities is just the first step—how you assess, prioritize, and remediate them defines your security posture.
Read more: levacloud.com/2025/02/26/v...
#CyberSecurity #MicrosoftSecurity #VulnerabilityAssessmentProcess #DefenderForEndpoint #DefenderForCloud #Intune #RiskManagement
Read more: levacloud.com/2025/02/26/v...
#CyberSecurity #MicrosoftSecurity #VulnerabilityAssessmentProcess #DefenderForEndpoint #DefenderForCloud #Intune #RiskManagement
February 26, 2025 at 6:59 PM
Identifying vulnerabilities is just the first step—how you assess, prioritize, and remediate them defines your security posture.
Read more: levacloud.com/2025/02/26/v...
#CyberSecurity #MicrosoftSecurity #VulnerabilityAssessmentProcess #DefenderForEndpoint #DefenderForCloud #Intune #RiskManagement
Read more: levacloud.com/2025/02/26/v...
#CyberSecurity #MicrosoftSecurity #VulnerabilityAssessmentProcess #DefenderForEndpoint #DefenderForCloud #Intune #RiskManagement
🚀 Need to control USB device access in your organization? Here is how I created a policy using Intune! Learn how to block unauthorized USBs and ensure data security. Watch now! 📺🔒 #CyberSecurity #Intune #DefenderForEndpoint youtu.be/TpPPjQfBzCI
Control USB Devices using Defender for Endpoint and Intune (Device Control)
YouTube video by Doug Does Tech
youtu.be
December 6, 2024 at 6:04 PM
🚀 Need to control USB device access in your organization? Here is how I created a policy using Intune! Learn how to block unauthorized USBs and ensure data security. Watch now! 📺🔒 #CyberSecurity #Intune #DefenderForEndpoint youtu.be/TpPPjQfBzCI
New blog post: Getting started with the Microsoft Defender Browser Protection extension for Google Chrome
petervanderwoude.nl/post/getting...
#MSIntune #Intune #EMS #MDM #Windows10 #Windows11 #GoogleChrome #MDE #DefenderForEndpoint #SmartScreen
petervanderwoude.nl/post/getting...
#MSIntune #Intune #EMS #MDM #Windows10 #Windows11 #GoogleChrome #MDE #DefenderForEndpoint #SmartScreen
June 9, 2025 at 6:05 PM
New blog post: Getting started with the Microsoft Defender Browser Protection extension for Google Chrome
petervanderwoude.nl/post/getting...
#MSIntune #Intune #EMS #MDM #Windows10 #Windows11 #GoogleChrome #MDE #DefenderForEndpoint #SmartScreen
petervanderwoude.nl/post/getting...
#MSIntune #Intune #EMS #MDM #Windows10 #Windows11 #GoogleChrome #MDE #DefenderForEndpoint #SmartScreen
Use #KQL to identify the use of Portable Apps across your #DefenderforEndpoint devices
github.com/alexverboon/...
github.com/alexverboon/...
April 5, 2025 at 3:06 PM
Use #KQL to identify the use of Portable Apps across your #DefenderforEndpoint devices
github.com/alexverboon/...
github.com/alexverboon/...
In my latest blog post, I wanted to talk about the nuances most organizations overlook with #defenderforendpoint device isolation and containment, and how these capabilities can co-exist next to containment actions via networking equipment.
hybridbrothers.com/device-isola...
#Microsoft
hybridbrothers.com/device-isola...
#Microsoft
Device isolation and containment strategies
Introduction
As a Security Operation Center, you want to be able to contain devices and users on a network as a response to an adversary event. However, depending on the security stack you are usin...
hybridbrothers.com
December 9, 2024 at 10:09 PM
In my latest blog post, I wanted to talk about the nuances most organizations overlook with #defenderforendpoint device isolation and containment, and how these capabilities can co-exist next to containment actions via networking equipment.
hybridbrothers.com/device-isola...
#Microsoft
hybridbrothers.com/device-isola...
#Microsoft
@levacloud.bsky.social Tamper Protection in Microsoft Defender for Endpoint - Learn how to configure and enforce it in our newest blog post to prevent attackers from disabling security settings.
levacloud.com/2025/02/25/t...
#DefenderForEndpoint #TamperProtection #Levacloud #MicrosoftSecurity
levacloud.com/2025/02/25/t...
#DefenderForEndpoint #TamperProtection #Levacloud #MicrosoftSecurity
February 25, 2025 at 7:21 PM
@levacloud.bsky.social Tamper Protection in Microsoft Defender for Endpoint - Learn how to configure and enforce it in our newest blog post to prevent attackers from disabling security settings.
levacloud.com/2025/02/25/t...
#DefenderForEndpoint #TamperProtection #Levacloud #MicrosoftSecurity
levacloud.com/2025/02/25/t...
#DefenderForEndpoint #TamperProtection #Levacloud #MicrosoftSecurity
From onboarding failures to passive mode conflicts and network blocks, our latest guide breaks down the most common causes (and how to fix them) so you can restore full protection fast.
levacloud.com/2025/10/29/d...
#MicrosoftDefender #EndpointSecurity #DefenderForEndpoint #MDESecurity #Levacloud
levacloud.com/2025/10/29/d...
#MicrosoftDefender #EndpointSecurity #DefenderForEndpoint #MDESecurity #Levacloud
October 29, 2025 at 12:28 PM
From onboarding failures to passive mode conflicts and network blocks, our latest guide breaks down the most common causes (and how to fix them) so you can restore full protection fast.
levacloud.com/2025/10/29/d...
#MicrosoftDefender #EndpointSecurity #DefenderForEndpoint #MDESecurity #Levacloud
levacloud.com/2025/10/29/d...
#MicrosoftDefender #EndpointSecurity #DefenderForEndpoint #MDESecurity #Levacloud