Forum Discussion
Defender For Endpoint let down
I've been liking the Defender for Endpoint and Cloud capabilities but recently tried to do something very basic and found it falls short. In the old days of inline or explicit proxies you would s...
You may consider:
- Microsoft Defender XDR’s Unified Audit Logs (if integrated with Microsoft 365), these might give additional context from other Microsoft services like Exchange, SharePoint, and Teams if they’re relevant to the user’s behavior.
- Microsoft Sentinel: If connected Defender for Endpoint data to Sentinel, it can enrich event data or use custom parsers to pull more detailed logs, especially when ingesting proxy logs separately.