Do yourself a favor and DO NOT go for a 3rd party EDR. Just use #WindowsATP that you know is fully compatible with Windows and has kernel level integration. #ConfigMgr PS scripts, now cause noticeable lag for users. Boy, I wish my predictions were wrong this time… #MEMCM #FML
#splunk #crowdstrike #FireEye #ciscoumbrella #windowsATP #Archer #securitycenter These aren't stock names; they're some of the tools I use at work 😁
🚫 It's not just about detecting #attacks, it is about scanning for #weaknesses❗️ Your #Endpoint #Protection #Strategy must include TVM for Proactive #Security Management. Learn how this works in my new book: me.ahasayen.com/m365security #AzureSecurity #DefenderATP #MDATP #WindowsATP
Anyone else seeing @WindowsATP issues, specifically with the threats & Vulnerability management node? Dashboard, Inventory & weaknesses all state "Data isn't available right now."
In the last 2 years, Microsoft Defender #ATP & Cloud App Security have worked to build a full #ShadowIT discovery solution that analyzes organization’s traffic data against the cloud app catalog to block access to Unsanctioned Apps buff.ly/36fNqTB #WindowsATP
9 Jan 2020
If you're using Defender AV, turn on Network Protection in Audit mode and it will show the real IP
msticpy 0.3.0 released New features: MS @WindowsATP queries, ProcessTree interactive viewer (using Bokeh), querying of Azure resource and subscription data from #JupyterNotebook Thx @MSSPete and @ashwinpatil github.com/microsoft/msticpy… pypi.org/project/msticpy/
We are seeing incidents appearing 1 hour after they got triggered on our clients in the @WindowsATP console, anyone seen similar and if there are ways that we can configure how often it should upload data?
Replying to @sassdawe @ubuntu
That happens sometimes. Please ignore, copy the file to your desktop, and then upload it here: microsoft.com/en-us/wdsi/fil…

Even if you don't have #MSIntune or #SCCM, you can still enable @WindowsATP Attack Surface Reduction using PowerShell or Group Policy. Yes, it's more work, but it's worth it. docs.microsoft.com/en-us/win…

EVERY #MSIntune and #SCCM co-managed customer has no excuse not to enable @WindowsATP Attack Surface Reduction rules! Why on earth would you allow Office to inject code into other processes?! Why would you allow downloaded js/vbs execution on standard user devices?!
31 Dec 2019
Replying to @ConfigMgrDogs
Power of the cloud :) thx!
Replying to @richlilly
ATP just confirmed via telem that Edge Chromium was being blocked by a different rule than the one we allow listed in October. They've checked in a change to unblock it for Outlook too. Thanks so much for raising it - it should be fixed for all customers in a matter of hours!
Replying to @richlilly
OK thanks Rich. I've dropped a mail to the dev who did the whitelisting a couple months back and he'll look into it. Appreciate you raising it!
Replying to @AletheDenis
So there is a need for a solution within SMS to check links such as the ones provided by @WindowsATP #Safelinks or @Mimecast #URLprotection or @Sophos #URLchecker
Microsoft Defender ATP data scientists developed a probabilistic time series model for detecting RDP brute force attacks and collaborated with threat hunters to protect customers against real-world threats through Microsoft Threat Experts @WindowsATP buff.ly/2EIuHVc
Cool, so we can get an alert on it after it's already happened (assuming nothing in the 9 step process fails) rather than EDR blocking it outright and remediating. I get there are layers to this (network monitoring should see it too), but I'd rather prevent than get an alert.