How to respond to Scheduled Task alerts in Defender for Endpoint | Red Canary Crash Course скачать в хорошем качестве

How to respond to Scheduled Task alerts in Defender for Endpoint | Red Canary Crash Course

We show you how to navigate through the response features available to users of Microsoft Defender for Endpoint, explaining what they are and how you can use them. In particular, we show how you can leverage features Live Response and the Alert Timeline work toward resolving alerts or incidents. In this series of videos, we'll use a collection of Atomic Red Team tests to simulate some of the most prevalent Mitre ATT&CK Techniques in an environment protected by Windows Defender for Endpoint. We'll then demonstrate how you can triage native alerting, execute response actions, and and leverage Kusto queries in the Advanced Hunting console to investigate suspicious activity generate by the tests. Viewers will learn how to: interpret and triage native alerting respond to alerts by executing simple response actions, like isolating an endpoint or initiating Live Response threat hunt and perform ad hoc investigations using Kusto queries and the advanced hunting console You can watch the entire Red Canary Crash Course series here on YouTube or at https://redcanary.com/products/mdr-fo... As your security ally, Red Canary enables your team to focus on the highest priority security issues impacting your business. By removing your need to build and manage a threat detection operation, we help you focus on running your business securely and successfully. Our Security Operations Platform delivers threat detection, hunting, and response—driven by human expert analysis and guidance—applied across your endpoints, cloud, and network security.