Home
%3CLINGO-SUB%20id%3D%22lingo-sub-1021978%22%20slang%3D%22en-US%22%3EShort%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1021978%22%20slang%3D%22en-US%22%3E%3CP%3EDelivering%20on%20our%20mission%20to%20help%20customers%20take%20full%20advantage%20of%20Microsoft%20Defender%20ATP%20capabilities%2C%20we're%20continuously%20adding%20new%20features%20to%20the%20platform.%3C%2FP%3E%0A%3CP%3ECheck%20out%20the%20first%20set%20of%20videos%20we've%20compiled%20to%20help%20customers%20easily%20discover%20and%20learn%20about%20enhancements%20and%20new%20capabilities.%20Stay%20tuned%20for%20more%20upcoming%20videos!%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe'd%20also%20love%20to%20hear%20from%20you%20and%20what%20other%20videos%20YOU%20would%20like%20to%20see%20(in%20case%20we%20missed%20them%20on%20our%20list.%20%3CIMG%20class%3D%22lia-deferred-image%20lia-image-emoji%22%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Fhtml%2Fimages%2Femoticons%2Fsmile_40x40.gif%22%20alt%3D%22%3Asmile%3A%22%20title%3D%22%3Asmile%3A%22%20%2F%3E).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CTABLE%3E%0A%3CTBODY%3E%0A%3CTR%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EOnboarding%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3ERole-based%20access%20control%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3EGet%20a%20quick%20overview%20of%20how%20easy%20it%20is%20to%20onboard%20your%20endpoints%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4bGqr%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3ESee%20how%20simple%20it%20is%20to%20specify%20granular%20access%20control%20with%20role-based%20access%20control%20(RBAC)%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4bJ2a%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EConditional%20access%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EAutomated%20investigation%20and%20remediation%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3EContain%20a%20threat%20by%20not%20letting%20risky%20devices%20access%20your%20corporate%20resources%2C%20and%20configure%20Microsoft%20Conditional%20Access%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4byD1%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3EEnhance%20your%20SOC%20by%20turning%20on%20automated%20investigation%20and%20remediation%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4bOeh%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EAPIs%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EAdvanced%20hunting%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3EDevelop%20Microsoft%20Defender%20ATP%20connected%20solutions%20and%20workflows%20with%20a%20rich%20set%20of%20APIs.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4d73M%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3EUse%20advanced%20hunting%20to%20create%20your%20own%20powerful%20queries%20and%20turn%20them%20easily%20into%20custom%20detections%3A%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4bGqo%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EThreat%20Analytics%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20bgcolor%3D%22%232f5496%22%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3E%3CFONT%20color%3D%22%23ffffff%22%3E%3CSTRONG%3EDeep%20analysis%3C%2FSTRONG%3E%3C%2FFONT%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3CTR%3E%0A%3CTD%20style%3D%22width%3A%20360.9px%3B%22%3E%3CP%3EAssess%20the%20impact%20of%20threats%20to%20your%20environment%20and%20identify%20actions%20that%20can%20contain%20them%20with%20Threat%20Analytics.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4bw1f%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3CTD%20style%3D%22width%3A%20362.9px%3B%22%3E%3CP%3EUse%20the%20built-in%20sandbox%20to%20detonate%20suspicious%20files%20with%20a%20single%20click%20and%20get%20a%20detailed%20%26amp%3B%20readable%20report%20back.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CIFRAME%20src%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fvideoplayer%2Fembed%2FRE4aAYy%3Frel%3D0%22%20width%3D%22400%22%20allowfullscreen%3D%22allowfullscreen%22%20wmode%3D%22transparent%22%3E%3C%2FIFRAME%3E%3C%2FP%3E%0A%3C%2FTD%3E%0A%3C%2FTR%3E%0A%3C%2FTBODY%3E%0A%3C%2FTABLE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20you%20want%20to%20stay%20updated%20about%20Microsoft%20Defender%20ATP%2C%20you%20can%20follow%20our%20Twitter%20accounts%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%2038px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F158116i1F6BAE5F103AF529%2Fimage-dimensions%2F38x33%3Fv%3D1.0%22%20width%3D%2238%22%20height%3D%2233%22%20alt%3D%22clipboard_image_1.png%22%20title%3D%22clipboard_image_1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftwitter.com%2FWindowsATP%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EMicrosoft%20Defender%20ATP%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%2037px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F158117i35D066951B47F34E%2Fimage-dimensions%2F37x28%3Fv%3D1.0%22%20width%3D%2237%22%20height%3D%2228%22%20alt%3D%22clipboard_image_2.png%22%20title%3D%22clipboard_image_2.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftwitter.com%2Fheikeritter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3EHeike%20Ritter%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1021978%22%20slang%3D%22en-US%22%3E%3CP%3ECheck%20out%20this%20first%20set%20of%20videos%20we've%20recorded%20to%20help%20you%20easily%20discover%20and%20learn%20about%20enhancements%20and%20new%20capabilities.%3CSPAN%20style%3D%22display%3A%20inline%20!important%3B%20float%3A%20none%3B%20background-color%3A%20%23ffffff%3B%20color%3A%20%23333333%3B%20cursor%3A%20text%3B%20font-family%3A%20inherit%3B%20font-size%3A%2016px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20300%3B%20letter-spacing%3A%20normal%3B%20line-height%3A%201.7142%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-left%22%20style%3D%22width%3A%20200px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F158127i2924B1D779CEA4FA%2Fimage-size%2Fsmall%3Fv%3D1.0%26amp%3Bpx%3D200%22%20alt%3D%22video-teaser-pic.PNG%22%20title%3D%22video-teaser-pic.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1023205%22%20slang%3D%22en-US%22%3ERe%3A%20Short%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1023205%22%20slang%3D%22en-US%22%3E%3CP%3EAwesome%20job%20team!!%20All%20the%20videos%20are%20great!!%26nbsp%3B%3CIMG%20class%3D%22lia-deferred-image%20lia-image-emoji%22%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Fhtml%2Fimages%2Femoticons%2Fstareyes_40x40.gif%22%20alt%3D%22%3Astareyes%3A%22%20title%3D%22%3Astareyes%3A%22%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1027149%22%20slang%3D%22en-US%22%3ERe%3A%20Short%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1027149%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F63582%22%20target%3D%22_blank%22%3E%40Heike%20Ritter%3C%2FA%3E%2C%26nbsp%3Bfor%20these%20videos.%26nbsp%3B%20I%20also%20bookmarked%20the%20article%20to%20come%20back%20to%20them%20when%20need%20be.%26nbsp%3B%20We%20are%20just%20in%20the%20process%20of%20going%20from%20O365%20E5%20to%20M365%20E5.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1045563%22%20slang%3D%22en-US%22%3ERe%3A%20Short%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1045563%22%20slang%3D%22en-US%22%3E%3CP%3ELove%20these%20videos.%20Thanks%2C%20Heike!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1066627%22%20slang%3D%22en-US%22%3ERe%3A%20Short%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1066627%22%20slang%3D%22en-US%22%3EHi%2C%20I%20think%20there%20is%20some%20good%20improvements%20that%20could%20be%20made%20to%20RBAC%3A%201.%20Limit%20what%20can%20be%20viewed%2C%20e.g.%20timeline%20is%20not%20suitable%20for%20GDPR%20in%20Europe%20or%20will%20not%20sit%20well%20with%20unions.%202.%20Tag's%20should%20be%20able%20to%20be%20applied%20in%20automated%20fashions%20like%20Machine%20groups.%20Sometimes%20you%20will%20want%20to%20link%20an%20action%20to%20a%20tag.%20Such%20as%20apply%20web%20filtering%20for%20different%20regions%20and%20groups%20of%20people.%20In%20some%20cases%20this%20would%20help%20whereby%20you%20base%20it%20on%20the%20tag%20rather%20than%20the%20machine%20group%20otherwise%20with%20only%20being%20a%20member%20of%20one%20machine%20group%20you%20can%20loose%20the%20functionality%20you%20would%20expect.%20Something%20else%20slightly%20related%20is%20that%20if%20you%20use%20SCEP%20with%20Win%207%20it%20seems%20like%20ATP%20can%20read%20what%20happens%20on%20the%20OS%20but%20will%20not%20report%20a%20virus%20even%20if%20it%20is%20detected%20on%20the%20endpoint.%20It%20will%20however%20pick%20up%20powershell%20examples%20at%20least%20but%20won't%20pull%20any%20logs.%20Since%20Windows%207%20is%20around%20for%20another%203%20years%20is%20it%20not%20important%20to%20add%20some%20of%20the%20basic%20level%20features%3F%20i.e.%20Scan%2C%20collect%20logs%2C%20check%20definitions%20are%20in%20date%2C%20submit%20samples%20and%20isolation%20(could%20be%20done%20with%20some%20firewall%20rules).%20I%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1066629%22%20slang%3D%22en-US%22%3ERe%3A%20Short%20%26amp%3B%20sweet%20educational%20videos%20for%20Microsoft%20Defender%20ATP%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1066629%22%20slang%3D%22en-US%22%3Ep.s.%20great%20videos%20in%20general%20though%20%3A)%3C%2Fimg%3E%3C%2FLINGO-BODY%3E
Microsoft

Delivering on our mission to help customers take full advantage of Microsoft Defender ATP capabilities, we're continuously adding new features to the platform.

Check out the first set of videos we've compiled to help customers easily discover and learn about enhancements and new capabilities. Stay tuned for more upcoming videos!

 

We'd also love to hear from you and what other videos YOU would like to see (in case we missed them on our list. :smile:).

 

Onboarding

Role-based access control

Get a quick overview of how easy it is to onboard your endpoints:

 

 

See how simple it is to specify granular access control with role-based access control (RBAC):

 

 

Conditional access

Automated investigation and remediation

Contain a threat by not letting risky devices access your corporate resources, and configure Microsoft Conditional Access:

 

 

Enhance your SOC by turning on automated investigation and remediation:

 

 

 

APIs

Advanced hunting

Develop Microsoft Defender ATP connected solutions and workflows with a rich set of APIs.

 

 

Use advanced hunting to create your own powerful queries and turn them easily into custom detections:

 

Threat Analytics

Deep analysis

Assess the impact of threats to your environment and identify actions that can contain them with Threat Analytics.

 

Use the built-in sandbox to detonate suspicious files with a single click and get a detailed & readable report back.

 

 

If you want to stay updated about Microsoft Defender ATP, you can follow our Twitter accounts

 

clipboard_image_1.png

Microsoft Defender ATP

 

clipboard_image_2.png

Heike Ritter

5 Comments
Microsoft

Awesome job team!! All the videos are great!! :stareyes:

Regular Contributor

Thanks @Heike Ritter, for these videos.  I also bookmarked the article to come back to them when need be.  We are just in the process of going from O365 E5 to M365 E5.

Microsoft

Love these videos. Thanks, Heike!

Regular Visitor
Hi, I think there is some good improvements that could be made to RBAC: 1. Limit what can be viewed, e.g. timeline is not suitable for GDPR in Europe or will not sit well with unions. 2. Tag's should be able to be applied in automated fashions like Machine groups. Sometimes you will want to link an action to a tag. Such as apply web filtering for different regions and groups of people. In some cases this would help whereby you base it on the tag rather than the machine group otherwise with only being a member of one machine group you can loose the functionality you would expect. Something else slightly related is that if you use SCEP with Win 7 it seems like ATP can read what happens on the OS but will not report a virus even if it is detected on the endpoint. It will however pick up powershell examples at least but won't pull any logs. Since Windows 7 is around for another 3 years is it not important to add some of the basic level features? i.e. Scan, collect logs, check definitions are in date, submit samples and isolation (could be done with some firewall rules). I
Regular Visitor
p.s. great videos in general though :)