-
Intro When you want to investigate a endpoint that has indication of being comprised you might want to put the endpoint in Defender for Endpoint isolation mode. Isolation will disconnected the potential comprised endpoint from the network and will only allow connection to Defender for Endpoint Service. Depending on your OS level you can also
-
*UPDATE 17/07/2023* Added extra information about system labels Intro Microsoft is doing a very good job at listening to their customers, partners and MVP’s lately. One of the highly requested feature was to simplify the requirements for their MDE settings management (AKA ‘MDE Attach’) . But that’s not all, more exciting news will be announced
-
Intro Welcome to part three of the blog series on Unleach the power of Defender for Servers Plan 2! In our previous blog, we explored how to start implementing Adaptive Application control. In part 3, we’ll dive into the concept of agentless scanning, which is included in Defender for Cloud Plan 2. We’ll explore what
-
Intro Up until now, onboarding non-Azure servers to Defender for Servers required Azure Arc as a mandatory pre-requisite. With this new release, Microsoft is introducing an additional direct onboarding path for non-Azure servers that does not require Azure Arc (making it optional rather than mandatory).
-
Welcome, this is the second part of the Defender for server P2 advanced protection series I will blog about. If you want to read the other parts they can be found here: The topic of this blog will be about how to start with adaptive application controls (ACC). Let’s begin with explaining high level what
-
Intro This blog will be about an issue I bumped into when deploying one of the enhanced protection features in defender for cloud. The enhanced feature, adaptive application control, requires the deployment of the Azure Monitor Agent. The Azure Monitoring Agent also installs additional extensions. One of those additional extensions is the Azure Security Agent
-
Intro Welcome to part 1 of the blog series about enhanced protection features available in Defender for Servers Plan 2. Part 1 will be about the protection feature called File Integrity Monitoring (FIM) in Defender for cloud.
-
Introduction I decided to start a blog series about the Advanced protection features which are included in the Defender for Servers Plan 2 provided by Microsoft Defender for Cloud. More and more companies are starting to use Defender for Servers but are uncertain which plan to choose for. With this blog series I would like
-
Intro This post is inspired on different setups I saw while working with my clients. More and more clients are leveraging the Azure Monitoring Agent (AMA) and Data Collection Rules (DCR) to collect log data. I’ve noticed that clients sometimes are sending logs data to different Log Analytics Workspace (LAW), without them being aware. Most
-
You can find my previous blog posts on my medium site.