Forum Discussion
Real-time protection in Windows Defender - How does it work?
Hello Everyone, Let me begin with a high-level presentation of our environment - our project develops an application for EU countries on top of a Microsoft infrastructure – Windows Server 2016, A...
The files should be scanned on write so 10 minutes is more than enough. I would like to dig a bit deeper on your GDPR constraints and cloud protection. You can have cloud protection but not submit samples. See the graphic here: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide#how-cloud-protection-and-sample-submission-work-together
Just turning on cloud protection and not sample submission would get you better protection from the metadata check we do. The metadata list can be found here:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide#examples-of-metadata-sent-to-the-cloud-protection-service
I would work with your privacy team on whether the information in the metadata check would still not allow you to use cloud protection without sample submission. You are missing out on a lot of the protection stack by not having cloud protection turned on.
Jake
Just turning on cloud protection and not sample submission would get you better protection from the metadata check we do. The metadata list can be found here:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide#examples-of-metadata-sent-to-the-cloud-protection-service
I would work with your privacy team on whether the information in the metadata check would still not allow you to use cloud protection without sample submission. You are missing out on a lot of the protection stack by not having cloud protection turned on.
Jake