Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Microsoft Defender for Endpoint in Depth
  • Table Of Contents Toc
Microsoft Defender for Endpoint in Depth

Microsoft Defender for Endpoint in Depth

By : Paul Huijbregts, Joe Anich, Justen Graves
5 (14)
Buy this Book
close
close
Microsoft Defender for Endpoint in Depth

Microsoft Defender for Endpoint in Depth

5 (14)
By: Paul Huijbregts, Joe Anich, Justen Graves
Buy this Book

Overview of this book

With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization. This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture. By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Table of Contents (16 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share your thoughts
Icon
Download a free PDF copy of this book
1
Part 1: Unpacking Microsoft Defender for Endpoint
Icon
Part 1: Unpacking Microsoft Defender for Endpoint
Lock Free Chapter
2
Chapter 1: A Brief History of Microsoft Defender for Endpoint
Icon
Chapter 1: A Brief History of Microsoft Defender for Endpoint
Icon
It all started in Romania…
Icon
The early days of antimalware
Icon
At the Forefront
Icon
A cloud was born
Icon
Making sense of it
Icon
Rapid innovation
Icon
Expanding coverage
Icon
Defender everywhere
Icon
Microsoft Defender experts
Icon
Summary
3
Chapter 2: Exploring Next-Generation Protection
Icon
Chapter 2: Exploring Next-Generation Protection
Icon
What is next-generation protection?
Icon
Breaking down client-side protection
Icon
Expanding on cloud-delivered protection
Icon
Tamper protection
Icon
Web protection
Icon
Device control
Icon
Summary
4
Chapter 3: Introduction to Attack Surface Reduction
Icon
Chapter 3: Introduction to Attack Surface Reduction
Icon
What is attack surface reduction?
Icon
Examining ASR rules
Icon
Network protection layers and controls
Icon
CFA ransomware mitigations
Icon
Exploit protection for advanced mitigations
Icon
Summary
5
Chapter 4: Understanding Endpoint Detection and Response
Icon
Chapter 4: Understanding Endpoint Detection and Response
Icon
Clarifying the difference between EDR and XDR
Icon
Digging into the components of EDR
Icon
Understanding alerts and incidents
Icon
Reviewing entities and actions
Icon
Exploring enhanced features
Icon
Summary
6
Part 2: Operationalizing and Integrating the Products
Icon
Part 2: Operationalizing and Integrating the Products
7
Chapter 5: Planning and Preparing for Deployment
chevron up
Icon
Chapter 5: Planning and Preparing for Deployment
Icon
Architecting a deployment framework
Icon
Understanding personas
Icon
Gathering data and initial planning
Icon
Planning your deployment
Icon
Some key considerations per feature
Icon
Summary
8
Chapter 6: Considerations for Deployment and Configuration
Icon
Chapter 6: Considerations for Deployment and Configuration
Icon
Operating system specifics and prerequisites
Icon
Configuration options for the portal
Icon
Selecting your deployment methodology
Icon
Configuration management considerations
Icon
Summary
9
Chapter 7: Managing and Maintaining the Security Posture
Icon
Chapter 7: Managing and Maintaining the Security Posture
Icon
Performing production readiness checks
Icon
Staying up to date
Icon
Maintaining security posture through continuous discovery and health monitoring
Icon
Getting started with vulnerability management
Icon
Summary
10
Part 3: Operations and Troubleshooting
Icon
Part 3: Operations and Troubleshooting
11
Chapter 8: Establishing Security Operations
Icon
Chapter 8: Establishing Security Operations
Icon
Getting started with security operations
Icon
Understanding attacks
Icon
Triage and investigation
Icon
Responding to threats
Icon
Threat hunting
Icon
Summary
12
Chapter 9: Troubleshooting Common Issues
Icon
Chapter 9: Troubleshooting Common Issues
Icon
Ensuring the health of the operating system
Icon
Checking connectivity
Icon
Overcoming onboarding issues
Icon
Resolving policy enablement
Icon
Addressing system performance issues
Icon
Navigating exclusion types to resolve conflicting products
Icon
Understanding your update sources
Icon
Comparing files
Icon
Bonus – troubleshooting book recommendations
Icon
Summary
13
Chapter 10: Reference Guide, Tips, and Tricks
Icon
Chapter 10: Reference Guide, Tips, and Tricks
Icon
Useful commands for use in daily operations
Icon
Tips and tricks from the experts
Icon
Reference tables
Icon
Logs and other useful output
Icon
Summary
14
Index
Icon
Index
Icon
Why subscribe?
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share your thoughts
Icon
Download a free PDF copy of this book

Planning and Preparing for Deployment

In this chapter, we’ll cover how to plan and prepare for your deployment of Microsoft Defender for Endpoint (MDE). Most organizations have some degree of project planning and management standardization. The goal here is not to supplant that at all, but rather to give broad, general guidance on how you might go about planning a deployment (with as many specific MDE considerations as possible, of course). Certainly, IT and security teams can vary greatly in scope and responsibilities, and there’s no plan that’s going to fit everyone’s needs. The idea is more to ensure that anyone at any level of understanding or responsibility could pick up this book and have everything they need to be successful. As you read through the chapter, don’t be afraid to discard the ideas that don’t fit your environment or level of expertise, absorb any new ideas, or mold the concepts to your needs. This chapter isn’t meant...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Microsoft Defender for Endpoint in Depth
End of Section 7
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon