Forum Discussion

Kotresha's avatar
Kotresha
Copper Contributor
Sep 28, 2020

Microsoft Defender Security Center

 Am totally new to ATP and wanted to understand what is the source i.e from where events/alerts comes for Microsoft Defender Security Center? is it from AV (MS Defender on windows)?

 

Can i consider Microsoft Defender Security Center as an centralized endpoint security managment console?

 

  • Kotresha 

    Microsoft Defender Security Center is the portal where you can access Microsoft Defender for Endpoints capabilities. Use the Security operations dashboard to gain insight on the various alerts on devices and users in your network. Use the Threat & Vulnerability Management dashboard to expand your visibility on the overall security posture of your organization. You'll see devices that require attention and recommendations that can help you reduce the attack surface in your organization. Use the Threat analytics dashboard to continually assess and control risk exposure to Spectre and Meltdown.

     

    Before you can gain insight on the various alerts on devices you need to onboard devices to the Microsoft Defender for Endpoint service. You can deploy Microsoft Defender for Endpoint using various management tools:

    • Group policy
    • Microsoft Endpoint Configuration Manager
    • Mobile Device Management tools
    • Local script

Resources