Block the automated onboarding of Defender for Endpoint without disabling the integration in Defender for Cloud:
You can find my previous blog posts on my medium site.
Block the automated onboarding of MDE without disabling the MDE integration:
Welcome, this is the second part of the Defender for Servers P2 advanced protection series I will blog about. If you want to read the other parts, they can be found here: The topic of this blog is how to start with adaptive application controls (ACC). Let’s begin with explaining high level what…
Introduction: I decided to start a blog series about the advanced protection features included in Defender for Servers Plan 2, provided by Microsoft Defender for Cloud. More and more companies are starting to use Defender for Servers but are uncertain which plan to choose. With this blog series I would like…
Intro: This blog is about an issue I bumped into when deploying one of the enhanced protection features in Defender for Cloud. The enhanced feature, adaptive application control, requires the deployment of the Azure Monitor Agent. The Azure Monitor Agent also installs additional extensions. One of those additional extensions is the Azure Security Agent…
*UPDATE 17/07/2023* Added extra information about system labels. Intro: Microsoft is doing a very good job at listening to their customers, partners and MVPs lately. One of the highly requested features was to simplify the requirements for their MDE settings management (AKA ‘MDE Attach’). But that’s not all, more exciting news will be announced…
Intro: This post is inspired by different setups I saw while working with my clients. More and more clients are leveraging the Azure Monitor Agent (AMA) and Data Collection Rules (DCR) to collect log data. I’ve noticed that clients are sometimes sending log data to different Log Analytics Workspaces (LAW) without being aware of it. Most…
Intro: Malicious actors actively search for machines with open management ports, such as RDP or SSH, to exploit. All of your virtual machines are potential targets for these attacks if you have those ports open. Once a VM is compromised, it serves as an entry point for the attackers to target other resources within your…