Forum Discussion

ir-qiwi's avatar
ir-qiwi
Copper Contributor
Aug 06, 2019

Targets to Live-Response actions in Defender ATP

Hi! Today windows defender one of the best solution for protect endpoint. But I think we have not enough live-response targets in action center. From this link we can find all targets.
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts#collect-investigation-package-from-machines

I didn’t have enough yesterday additional targets. 
For example https://github.com/EricZimmerman/KapeFiles/tree/master/Targets
It would also be very helpful to collect MFT

Thanks!

Resources