Tag Archives: MDATP

Windows Server Core, reducing the “attack surface area”

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “Windows Server Core, reducing the “attack surface area””

SCCM-Endpoint Protection: Microsoft Defender Advanced Threat Protection (EDR) for Windows 7 SP1, Windows 8.1, Windows Server 2008 R2 SP1, Windows Server 2012 R2, and Windows Server 2016 (Part 15)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Microsoft Defender Advanced Threat Protection (EDR) for Windows 7 SP1, Windows 8.1, Windows Server 2008 R2 SP1, Windows Server 2012 R2, and Windows Server 2016 (Part 15)”

SCCM-Endpoint Protection: Microsoft Defender Advanced Threat Protection (EDR) for Windows Server 2019 (Part 14)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Microsoft Defender Advanced Threat Protection (EDR) for Windows Server 2019 (Part 14)”

Stop hurting yourself: Find the domain users with Local Admin rights with MTP’s or MDATP’s Advanced Hunting, and Enterprises lower your security exposure. [Part 1 of 2]

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “Stop hurting yourself: Find the domain users with Local Admin rights with MTP’s or MDATP’s Advanced Hunting, and Enterprises lower your security exposure. [Part 1 of 2]”

SCCM-Endpoint Protection: Enable SCCM “Client Settings” – "Endpoint Protection"(Part 9a)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Enable SCCM “Client Settings” – "Endpoint Protection"(Part 9a)”

Evaluation (PoC) Guide for Microsoft Defender Antivirus (MDAV) and Microsoft Defender–Exploit Guard [Attack Surface Reduction Rules, Controlled Folder Access and Network Protection]

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are not intendedContinue reading “Evaluation (PoC) Guide for Microsoft Defender Antivirus (MDAV) and Microsoft Defender–Exploit Guard [Attack Surface Reduction Rules, Controlled Folder Access and Network Protection]”

SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Controlled Folder Access (Part 12)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Controlled Folder Access (Part 12)”

SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Network Protection (Part 11)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Network Protection (Part 11)”

SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Attack Surface Reduction rules (Part 10)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Microsoft Defender Exploit Guard: Attack Surface Reduction rules (Part 10)”

SCCM-Endpoint Protection: Windows server: MDAV and SCEP antimalware policies best practices(Part 9)

Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are notContinue reading “SCCM-Endpoint Protection: Windows server: MDAV and SCEP antimalware policies best practices(Part 9)”

Design a site like this with WordPress.com
Get started