The commercialization of cybercrime has led to an increase in the frequency and sophistication of attacks on small and medium-sized businesses (SMB). Business interruption is a top concern, especiall...
Updated Apr 17, 2025
Version 8.0
Blog Post
One question still remains. How on earth am I going to extract all the attack surface reduction audit events from my up to 300 endpoints?
Option A: Install the MMA agent an configure an additional LAW to search the client logfiles.
Option B: Look through every endpoint by hand.
With Defender for Endpoint we have Advanced Hunting (which is not a part of the license, which is fine for me), BUT we also have the attack surface reduction report!
So we literally have one solution for SMBs which requires a lot of work by hand (*sarcasm* every SMB admin has enough time to manually query clientside eventlogs) and one solution for Enterprise, which offers two solutions OOB. Why can´t we have the ASR report in the Defender for Buisness for easy analysis?