Threat hunting, an integral part of our Defender Experts services, helps our customers by proactively hunting across endpoints, Office 365, cloud applications and identity for emerging cyberthreats. Defender Experts will investigate anything they find and hand off contextual alert information along with remediation instructions for customers to quickly respond through a Defender Experts Notification.
We have released the Sample Defender Experts Notification feature which will enable customers to:
- Get the Defender Experts Notification experience earlier than when the actual Defender Experts Notification is sent by our experts upon detecting malicious activities in their environment.
- Test the email notifications configuration done by customers for Defender Experts Notifications.
- Test the playbooks/rules set up in SIEM/SOC tools for Defender Experts Notifications.
Customers can generate Defender Experts Notifications very easily and quickly through the portal at any time.
After logging into the portal, navigate to Settings>Defender Experts.
Figure 1. Screenshot of the settings in Microsoft Defender that highlights the Defender Experts general settings option.
Click the Sample notifications option to start generating a sample Defender Experts Notification. Once you click on the ‘Generate a Sample notification’ button, the sample notification is generated in a few minutes.
Figure 2. Screenshot of the Defender Experts section where a customer can generate a sample Defender Experts Notification.
Customers can then view the last five sample Defender Experts Notifications.
Figure 3. Screenshot showing a list of the last five generated Defender Experts Notifications.
Click one of the test notifications to open an instance of a sample notification.
Figure 4. Screenshot of a sample Defender Experts Notification.
Click on the Summary tab and then the Read more button to open the Defender Experts Notification contents which include an executive summary and recommendations.
Figure 5. Screenshot of the summary section of a sample Defender Experts Notification.
The detailed documentation for generating sample Defender Experts Notifications can be found here. To learn more about Defender Experts Notifications visit Receive Defender Experts Notifications and how to configure email notifications visit Set up Defender Experts email notifications.
To get a deeper understanding of the threats our Defender Experts team hunt for, visit https://aka.ms/ThreatHunting101.
To learn more about our services, visit the Microsoft Defender Experts for XDR web page and Microsoft Defender Experts for Hunting web page.
Microsoft
