Don't get Hacked! Essential Admin Skills for Defender for Endpoint
Vložit
- čas přidán 7. 08. 2024
- In this session I’ll walk you through everything you need to know about Microsoft defender for endpoint in order to keep the bad guy away.. What it does, how to configure and how to spot attacks and more importantly defend your business against them. If you’re preparing for the SC-200 exam or just want to get a heads up on how to protect your stuff. This is the definitive guide.
Today’s sponsor is Bluetally. The Ultimate in IT asset management. For more details visit Bluetallyapp.com
For more on me visit me on LinkedIn or at Andymalone.org
If you want access to exclusive content and more why not consider supporting me and join me on Patreon. / andymalonemvp
Timecodes
00:00 Introductions
02:35 Exploring Defender for Endpoint
03:45 Discovering the Endpoint Settings in Microsoft Intune
04:36 Onboarding Devices into Defender for Endpoint
07:50 Exploring the Defender Endpoint Settings
12:38 Defender for Endpoint Configuration
20:23 Defender for Endpoint Security Policies
23:31 Exposure Management
29:40 Advanced Hunting
30:50 Defender for Endpoint integration with Microsoft Sentinel
31:45 Session Conclusions
Excellent information as always
great crash course, thank you Andy!
Merci Andy, great video again, but still the frustration with all exclusive features reserved to Plan 2 (E5 subscription)...
Agreed, but this is the way it’s going I’m afraid. Time to open your wallet my friend 😊
What's weird is Microsoft Business Premium ( for tenant 300 users and less ) has almost all the E2 security stuff.
@@artin1641 "has almost all the E2", almost, yes...
Hi Andy, great job on covering the details here. I have some feedback, which I hope is constructive. I have difficulty maintaining focus on your content and often miss when you move from one section to another. It would help me if you were able to break up your delivery, either with a sound effect, a large pause, or a framing device between sections. Perhaps its just me or maybe I shouldn't be trying to watch your videos while doing other things. Either way, thank you for the content and I hope this is helpful.
Hi Gavin , thanks for your interest in my videos and your feedback I really do value it. At the moment I normally do the flame effect between sections, or alternatively I timecode all of my sections which often allows viewers to go back and jump in and jump out of topics. However, I will take your suggestions and have a look at what I can do. Thanks so much once again. Andy
Many thanks for this new interesting video.
As the (IT) Admin of a small group of users in my company, I would like to increase the security with Defender for Endpoint.
It would be great if you could make a DEMO about how to deploy Defender for Endpoint and onboard devices 🙏
Thanks again.
Download the agent and install on each device. See docs on Learn.microsoft.com
Many thanks for your quick reply 👍@@AndyMaloneMVP
Great video! As someone new to this, having all this information in one place is really helpful. However, I'm a bit confused about licensing and endpoint security policies. It seems more like Intune functionality to me. Can I use these features if I only have the Microsoft Defender for Endpoint Plan 2, without Intune license?
No, you can have them individually. However, for greater functionality it works well with Intune included.
You should cover the licensing aspect of every 365 apps. It is a major part of choosing a product deployment
I’ve covered this in a previous video
@@AndyMaloneMVP Thank you! Great videos
Great video. Question im not seeing exposure management in my Security Portal. We have M365 E5 lic and use Defender Endpoint. thx
This is a new feature and it’s currently being rolled out so you might see it soon
AH THANK YOU! i was afraid it was another add-on lic @@AndyMaloneMVP
Love it.. However if you got smart screen turn on how do allow certain files and site to by pass it? No one really talks about that.
Hmm idea for a session I think
i have E5 security and preview features enabled and don't have that left navigation menu as you do, mine is still what it's been for awhile now - I'm commenting 3 weeks after the video release so my question is, how'd you get that and how do I get that?
Mine is a training tenant. Probably being rolled out :-)
Hi Andy,
Can't see Endpoints in my Defender portal. Is it because I have only E3. Microsoft Action Pack account with AAD Basic? My Left pane is a lot different than the one I see in your Video.
You’re correct these features are not available with your plan. You need to upgrade.
What are the alternative ways for backing up the emails from Outlook 365?
Export them out to pst. Or use M36( backup from the admin portal. Additional costs incurred though.
@@AndyMaloneMVP Can help me how to export to pst..Thank you in advance
wow
as someone who manages relatively small companies, 5o stations or less, I have to say this is vastly too complex to make it worthwhile. Seems like an enterprise solution to me. would be great for you to do something specifically targeted to show what smaller environments might be best suited to use when you've got under maybe 50 workstations to manage and only one admin.
I do appreciate your comments and thanks for that. I do see how this appears confusing located but actually it’s fairly simple. It’s the same for business premium as this is what I use personally. Just download the agent and you’re pretty much good to go. learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/production-deployment?view=o365-worldwide
How ironic, you post this video and a few days later MS lets us know they got hacked