Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Short & sweet educational videos on Microsoft Defender for Endpoint
Published Nov 20 2019 10:41 AM 58.4K Views
Microsoft

Delivering on our mission to help customers take full advantage of Microsoft Defender for Endpoint capabilities, we're continuously adding new features to the platform.

 

Check out these videos we've compiled to help customers easily discover and learn about Microsoft Defender for Endpoint and drill down into many of its capabilities. 

 

We'd also love to hear from you what other videos YOU would like to see (in case we missed them on this list. :smile:).

 

 

Overview

 Architecture

This video gives you an all-up overview of Microsoft Defender for Endpoint:

Get a high level understanding of the service architecture:


Onboarding

Role-based access control

Get a quick overview of how easy it is to onboard your endpoints:

 

 

See how simple it is to specify granular access control with role-based access control (RBAC):

 

 

Mobile Threat Defense Best Practices

Mobile Threat Defense Deployment

In this video, you learn about Mobile Threat Defense best practices that help you to secure the org from threats to mobile devices.

 

This video shows how to deploy Mobile Threat Defense by using Microsoft Endpoint Manager.

 

 

Threat & Vulnerability Management (TVM) - Overview

Threat & Vulnerability Management - Discovery & Remediation

Get continuous real-time visibility, context-aware prioritization, and a built-in end-to-end remediation process:

 

 

See how TVM discovers vulnerabilities and misconfigurations and how you can quickly take action to remediate them in your environment :

 

 

Discovering Unmanaged Devices

 

In this video, you'll see how to discover unmanaged devices 

 

 
Attack surface reduction:

Microsoft Defender for Endpoint gives you various tools to eliminate risks by reducing the surface area for attacks without blocking user productivity.

This video is an overview and further down we drill deeper into some of the features with separate videos:

 

Application control

Network protection

With application control you can control which applications are allowed to run and which are not:

 

 

 

Network protection defends against internet-based attacks by blocking connectivity to a internet destination that is malicious or has a low reputation:

 

 

Reputation analysis - Microsoft Defender SmartScreen

 EDR in block mode

Reputation analysis with Microsoft Defender for Endpoint protects users against accessing untrusted websites and running malicious code on their devices:

EDR in block mode provides an additional layer of post-breach blocking of malicious behavior, malware, and other artifacts that your primary antivirus (AV) solution might miss.

Endpoint detection and response (EDR)

We give you the tools needed to detect and investigate advanced persistent attacks on your network.
Investigation Advanced hunting

We give you a rich experience for triage and investigations, with all the details needed to easily narrate the end-to-end attack story:

 

 

Use advanced hunting to create your own powerful queries and turn them easily into custom detections:

 

 

Alert page

 

The new Microsoft Defender for Endpoint alert page  enables security researchers to more effectively triage, investigate, and take effective actions on alerts. 

 

Live response Deep file analysis

Get real-time live connection to a remote system:

 

Use the built-in sandbox to detonate suspicious files with a single click and get a detailed and readable report back:

Threat Analytics

Unified IOCs

Assess the impact of threats to your environment and identify actions that can contain them with Threat Analytics:

 

Upload your own indicators of compromise (IOCs) to also get alerted on your own detection logic:

 

Automated investigation and remediation

 Microsoft Threat Experts

Enhance your SOC by turning on automated investigation and remediation:

 

 

Get an additional layer of oversight and analysis to help ensure that threats don’t get missed:

 

 

APIs

Streaming API

Develop Microsoft Defender for Endpoint connected solutions and workflows with a rich set of APIs:

 

 

You can use our streaming API to stream event information directly to Azure storage or to Azure Event Hubs:

 

Conditional access

Security Configuration

Contain a threat by not letting risky devices access your corporate resources through Conditional Access:

 

 

See how you can use Microsoft Endpoint Manager to manage security configuration for Microsoft Defender for Endpoint:

 

 

Microsoft Cloud App Security (MCAS)

Evaluation Lab

Integrating Microsoft Defender for Endpoint and Microsoft Cloud App Security can help control shadow IT and assist with your security investigations:

The evaluation lab eliminates the complexities of machine & environment configuration - you can focus on evaluating the capabilities right away.

Delegated access for MSSPs

 

Learn how you as - a Managed Security Service Provider - can better manages access to multiple tenants:

 

 

 

clipboard_image_2.png

Heike Ritter

13 Comments
Co-Authors
Version history
Last update:
‎Nov 22 2021 02:07 PM
Updated by: