๐ก Think your disconnected environment canโt use AI-driven protection? Think again.
With Microsoftโs Streamlined Connectivity, enabling Defender for Endpoint in restricted networks has never been easier. Proxies make it possibleโhereโs how to do it right: https://blog.brianbaldock.net/mde-proxies-2025
#CyberSecurity #DefenderForEndpoint #XDR
#DefenderForEndpoint
Security Management Features di Defender for Endpoint per i Domain Controllers (in Preview)!
#CyberSecurity #DefenderForEndpoint #DomainControllers #SecurityManagement #ICTPower
Take advantage of Microsoft Defender for Endpoint to defend against advanced threats targeting your endpoints, including malware, ransomware, and sophisticated attacks. #DefenderForEndpoint #EndpointSecurity
Comprehensive guidance for the Defender community on MDE's capabilities so you know exactly what's available
The v6 update has 15 changes, including:
โข New ASR capabilities
โข New Defender antivirus capabilities
โข New device response actions
โข Much more!
Ultimate Comparison of Defender for Endpoint Features by OS - Ru Campbell MVP
https://campbell.scot/feb-2024-ultimate-comparison-of-defender-for-endpoint-features-by-os/
#microsoftdefender #defender #mde #m365 #microsoft365 #defenderforendpoint #edr #xdr #microsoft #blueteam #azure
๐๐ซ๐จ๐ญ๐๐๐ญ ๐ฎ๐ง๐ฆ๐๐ง๐๐ ๐๐ ๐จ๐ซ 3๐ซ๐ ๐ฉ๐๐ซ๐ญ๐ฒ ๐๐๐ ๐ฆ๐๐ง๐๐ ๐๐ ๐ข๐๐/๐๐ง๐๐ซ๐จ๐ข๐ ๐๐๐ฏ๐ข๐๐๐ฌ ๐ฐ๐ข๐ญ๐ก ๐๐๐
In this blog post, you will learn how to protect unmanaged (personal) or 3rd party MDM managed iOS and Android devices with Microsoft Defender for Endpoint as your Mobile Threat Defense (MTD) solution.
The solution leverages Intuneโs App Protection Policies aka MAM to enforce Device Protection with MDE regardless of the device enrollment state.
#mde #defender #defenderforendpoint #mtd #mobile #mobileprotection #mobilerhreatdefence #edr #xdr #microsoft #microsoftsecurity #soc #intune #mdm #mam #byod #ios #android #cloudnative
Free training for Microsoft Defender for Endpoint, Microsoft's industry leading XDR solution:
"Become a Microsoft Defender for Endpoint Ninja"
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/become-a-microsoft-defender-for-endpoint-ninja/ba-p/1515647
Documentation: "Microsoft Defender for Endpoint"
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/?view=o365-worldwide
#microsoft #msftadvocate #ninjatraining #defender #mde #defenderforendpoint
@smfinlay
I've seen some inconsistent behavior with case sensitivity with ==, maybe see if it works if the case matches. Could also be a space in the data.
For those familiar with #DefenderforEndpoint and #KQL advanced hunting, do you know why I would get results from the query using the "contains" operator and get no results using the "==" operator?
๐๐ฎ๐ ๐ฆ๐๐ง๐ญ ๐ฒ๐จ๐ฎ๐ซ ๐๐๐ ๐ฐ๐ข๐ญ๐ก ๐๐๐๐๐ฉ๐ญ๐ข๐จ๐ง ๐ญ๐๐๐ญ๐ข๐๐ฌ ๐ญ๐จ ๐๐๐ญ๐๐ก ๐๐๐ฏ๐๐ซ๐ฌ๐๐ซ๐ข๐๐ฌ ๐๐๐ซ๐ฅ๐ฒ
Deception is now a built-in capability in Microsoft Defender for Endpoint.
Deception in Defender for Endpoint provides customers with:
โก ๐๐ข๐ ๐ก ๐๐จ๐ง๐๐ข๐๐๐ง๐๐ ๐๐๐ญ๐๐๐ญ๐ข๐จ๐ง๐ฌ ๐๐ง๐ ๐๐ฎ๐ญ๐จ๐ฆ๐๐ญ๐ข๐ ๐๐ข๐ฌ๐ซ๐ฎ๐ฉ๐ญ๐ข๐จ๐ง ๐จ๐ ๐ญ๐ก๐ซ๐๐๐ญ๐ฌ โ Detects human operated lateral movement in the early stages of a cyber-attack and triggers attack disruption to contain the threat.
โก๐๐-๐ฉ๐จ๐ฐ๐๐ซ๐๐ ๐ ๐๐ง๐๐ซ๐๐ญ๐ข๐จ๐ง ๐จ๐ ๐๐ฎ๐ญ๐ก๐๐ง๐ญ๐ข๐ ๐๐๐๐จ๐ฒ๐ฌ ๐๐ง๐ ๐ฅ๐ฎ๐ซ๐๐ฌ โ Defender for Endpoint uses machine learning to autogenerate and deploy authentic decoys and lures into your network that mirror production assets
โก๐๐ฎ๐ข๐ฅ๐ญ ๐ข๐ง๐ญ๐จ ๐ญ๐ก๐ ๐๐ฑ๐ข๐ฌ๐ญ๐ข๐ง๐ ๐๐ง๐๐ฉ๐จ๐ข๐ง๐ญ ๐๐ ๐๐ง๐ญ - no additional deployment or management of sensors on your network.
โก๐๐ง๐ญ๐๐ ๐ซ๐๐ญ๐๐ ๐ข๐ง๐ญ๐จ ๐ญ๐ก๐ ๐๐๐ ๐๐๐ ๐๐ฑ๐ฉ๐๐ซ๐ข๐๐ง๐๐ โ for easy, end to end investigation of attacks
#defender #microsoftdefender #mde #xdr #deception #azure #microsoft #microsoftsecurity #soc #ransomware #ai #aisecurity #analyst #defenderforendpoint #cloudnative #cloudsecurity
S๐๐ฟ๐ฒ๐ฎ๐บ๐น๐ถ๐ป๐ฒ๐ฑ ๐ฑ๐ฒ๐๐ถ๐ฐ๐ฒ ๐ฐ๐ผ๐ป๐ป๐ฒ๐ฐ๐๐ถ๐๐ถ๐๐ ๐ฒ๐ ๐ฝ๐ฒ๐ฟ๐ถ๐ฒ๐ป๐ฐ๐ฒ ๐ณ๐ผ๐ฟ ๐ ๐ถ๐ฐ๐ฟ๐ผ๐๐ผ๐ณ๐ ๐๐ฒ๐ณ๐ฒ๐ป๐ฑ๐ฒ๐ฟ ๐ณ๐ผ๐ฟ ๐๐ป๐ฑ๐ฝ๐ผ๐ถ๐ป๐
To help simplify device connectivity and management, we are excited to announce a new method that streamlines the device connectivity and onboarding experience for Microsoft Defender for Endpoint, now available in public preview for Windows OS.
The Defender for Endpoint-recognized simplified domain *.๐ฒ๐ป๐ฑ๐ฝ๐ผ๐ถ๐ป๐.๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐.๐บ๐ถ๐ฐ๐ฟ๐ผ๐๐ผ๐ณ๐.๐ฐ๐ผ๐บ will consolidate and replace URLs for the following core Defender for Endpoint services:
- Cloud-delivered protection (MAPS)
- Malware sample submission storage
- Automated investigation and remediation sample storage
- Defender for Endpoint command and control
- Endpoint detection and response cyber data
#defenderforendpoint #mde #edr #microsoft #microsoftsecurity #endpoint #azure #networking #network #microsoftdefenderforendpoint #cybersecurity #cyber
S๐๐ฟ๐ฒ๐ฎ๐บ๐น๐ถ๐ป๐ฒ๐ฑ ๐ฑ๐ฒ๐๐ถ๐ฐ๐ฒ ๐ฐ๐ผ๐ป๐ป๐ฒ๐ฐ๐๐ถ๐๐ถ๐๐ ๐ฒ๐ ๐ฝ๐ฒ๐ฟ๐ถ๐ฒ๐ป๐ฐ๐ฒ ๐ณ๐ผ๐ฟ ๐ ๐ถ๐ฐ๐ฟ๐ผ๐๐ผ๐ณ๐ ๐๐ฒ๐ณ๐ฒ๐ป๐ฑ๐ฒ๐ฟ ๐ณ๐ผ๐ฟ ๐๐ป๐ฑ๐ฝ๐ผ๐ถ๐ป๐
To help simplify device connectivity and management, we are excited to announce a new method that streamlines the device connectivity and onboarding experience for Microsoft Defender for Endpoint, now available in public preview for Windows OS.
The Defender for Endpoint-recognized simplified domain *.๐ฒ๐ป๐ฑ๐ฝ๐ผ๐ถ๐ป๐.๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐.๐บ๐ถ๐ฐ๐ฟ๐ผ๐๐ผ๐ณ๐.๐ฐ๐ผ๐บ will consolidate and replace URLs for the following core Defender for Endpoint services:
- Cloud-delivered protection (MAPS)
- Malware sample submission storage
- Automated investigation and remediation sample storage
- Defender for Endpoint command and control
- Endpoint detection and response cyber data
#defenderforendpoint #mde #edr #microsoft #microsoftsecurity #endpoint #azure #networking #network #microsoftdefenderforendpoint #cybersecurity #cyber
My latest #project is coming to an end, and Iโll be honest, itโs been fun and an interesting piece of work.
Inplementing a Network, Detection and Response (#ndr) platform powered by #bluehexagon (now owned by #qualys) , with full integration into #Sentinel and #defenderforendpoint.
The interesting part was creating a custom #powershell #cmdlet / toolset for security engineering to integrate data as part of security incidents. Had me brushing off my coding skills and remembering how much I actually enjoy it!
This also means, my diary is now free from the end of this monthโฆ so am #opentowork.
Check out my #blog at https://paulsanders.co.uk for some (not so much upto date) posts.
๐๐ฒ๐ณ๐ฒ๐ป๐ฑ๐ถ๐ป๐ด ๐ป๐ฒ๐ ๐๐ฒ๐ฐ๐๐ผ๐ฟ๐: ๐ง๐ต๐ฟ๐ฒ๐ฎ๐ ๐ฎ๐ฐ๐๐ผ๐ฟ๐ ๐ฎ๐๐๐ฒ๐บ๐ฝ๐ ๐ฆ๐ค๐ ๐ฆ๐ฒ๐ฟ๐๐ฒ๐ฟ ๐๐ผ ๐ฐ๐น๐ผ๐๐ฑ ๐น๐ฎ๐๐ฒ๐ฟ๐ฎ๐น ๐บ๐ผ๐๐ฒ๐บ๐ฒ๐ป๐
Nice write-up by Microsoft security researchers about new campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance.
Attackers are now attempting to move laterally into cloud environments via SQL Server instancesโa method previously seen in VMs and Kubernetes clusters but not in SQL Server.
#microsoft #microsoftsecurity #securityresearch #azure #SQL #cloudlateralmovement #lateralmovement #cloudsecurity #cloudnative #cybersecurity #soc #defenderforcloud #defenderforendpoint #mde #xdr #edr #defenderforsql #soc
Today we are excited to announce the public preview of a ๐๐ป๐ถ๐ณ๐ถ๐ฒ๐ฑ ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐๐ฒ๐๐๐ถ๐ป๐ด๐ ๐บ๐ฎ๐ป๐ฎ๐ด๐ฒ๐บ๐ฒ๐ป๐ ๐ฒ๐ ๐ฝ๐ฒ๐ฟ๐ถ๐ฒ๐ป๐ฐ๐ฒ that offers a consistent, single source of truth for ๐บ๐ฎ๐ป๐ฎ๐ด๐ถ๐ป๐ด ๐ฒ๐ป๐ฑ๐ฝ๐ผ๐ถ๐ป๐ ๐๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐๐ฒ๐๐๐ถ๐ป๐ด๐ ๐ฎ๐ฐ๐ฟ๐ผ๐๐ ๐ช๐ถ๐ป๐ฑ๐ผ๐๐, ๐บ๐ฎ๐ฐ๐ข๐ฆ, ๐ฎ๐ป๐ฑ ๐๐ถ๐ป๐๐ .
๐๐ ๐ถ๐ ๐ฏ๐๐ถ๐น๐ ๐ถ๐ป๐๐ผ ๐๐ต๐ฒ ๐ ๐ถ๐ฐ๐ฟ๐ผ๐๐ผ๐ณ๐ ๐ฏ๐ฒ๐ฑ ๐๐ฒ๐ณ๐ฒ๐ป๐ฑ๐ฒ๐ฟ ๐ฝ๐ผ๐ฟ๐๐ฎ๐น, and therefore easily accessible for security teams, but built on the powerful capabilities of Microsoft Intune.
#mde #defenderforendpoint #security #securitysettings #management #microsoft #microsoftsecurity #microsoft365defedner #xdr #edr #soc #intune #device #devicemanagement #unifiedexperience #azure #cloud #cloudnative #windows #linux #macos #epp
Automatically disrupt adversary-in-the-middle (AiTM) attacks with Microsoft XDR
Microsoft announced expansion of automatic attack disruption to include adversary-in-the-middle attacks (AiTM) attacks, in an addition to the previously announced public preview for business email compromise (BEC) and human-operated ransomware attacks.
#microsoft #email #business #AiTM #bec #xdr #azure #soc #securityplatform #defender #defenderforidentity #defenderforcloudapps #defenderforendpoint #microsoft365defender #cloudsecurity #securityanalytst
Novitร in ambito Security Settings Management di Microsoft Defender for Endpoint: supporto ampliato per le regole di Attack Surface Reduction.
Security Settings Management รจ una modalitร di gestione delle impostazioni di MDE che permette di distribuire le stesse anche su dispositivi non enrollati in Intune.
Tutti i dettagli e la solita documentazione a go-go nell'articolo di oggi.
Metti in sicurezza i tuoi Mac usando le raccomandazioni di Microsoft Defender for Endpoint come piano di hardening.
โก๏ธ https://youtu.be/ZNcZfEXnnzU
Oggi vediamo come impostare una strategia completa di hardening per i tuoi Mac aziendali: lโintegrazione con il resto dellโinfrastruttura cosรฌ sarร piรน sicura e la postura di sicurezza migliorerร .
Se vuoi seguire contenuti come questo, iscriviti al mio canale YouTube: ti aspetto!
๐ก๏ธ The Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions
In this comprehensive guide I explain all available Defender for Endpoint exclusions, how they interact and which ones to use and which to avoid.
If you haven't already check it out, now is a great time.
#MDE #MDAV #Exclusion #Defender #DefenderForEndpoint #Security #AV
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst