The commercialization of cybercrime has led to an increase in the frequency and sophistication of attacks on small and medium-sized businesses (SMB). Business interruption is a top concern, especiall...
Updated Apr 17, 2025
Version 8.0
Blog Post
One question still remains. How on earth am I going to extract all the attack surface reduction audit events from my up to 300 endpoints?
Option A: Install the MMA agent an configure an additional LAW to search the client logfiles.
Option B: Look through every endpoint by hand.
With Defender for Endpoint we have Advanced Hunting (which is not a part of the license, which is fine for me), BUT we also have the attack surface reduction report!
So we literally have one solution for SMBs which requires a lot of work by hand (*sarcasm* every SMB admin has enough time to manually query clientside eventlogs) and one solution for Enterprise, which offers two solutions OOB. Why canĀ“t we have the ASR report in the Defender for Buisness for easy analysis?