cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Defender for Endpoint Blog

Your community for best practices and the latest news on Microsoft Defender for Endpoint. For all release announcements on Microsoft Defender for Endpoint from features under development to retirement, visit the M365 Roadmap.
Microsoft Entra Tech Accelerator: Part 2 of 2
Jul 20 2023, 08:00 AM - 10:30 AM (PDT)
Microsoft Tech Community
Find out more
Options
6,181

Announcing the monthly security summary report for Microsoft Defender for Endpoint

Yael_Ben_Ari on Jun 12 2023 09:21 AM
Keep stakeholders informed of the organization's latest security progress and developments, without losing focus on the ...
16.3K

Discovering internet-facing devices using Microsoft Defender for Endpoint

NimrodRoimy on Apr 18 2023 09:00 AM
To help organizations extend their threat protection across internet-facing devices, Microsoft Defender for Endpoint wil...
14.8K

Enrich your advanced hunting experience using network layer signals from Zeek

cventour on Apr 17 2023 10:00 AM
Expand your investigation, hunting, and detection capabilities using a variety of Zeek-based events in advanced hunting.
5,646

Defender for Endpoint and disconnected environments. Cloud-centric networking decisions

BrianBaldock on Apr 04 2023 09:00 AM
This article provides guidance on understanding the functionality of Defender for Endpoint, a cloud-first product, and t...
4,232

Microsoft awarded Best Advanced Protection for Corporate and Consumer Users by AV-TEST

Nick_C on Mar 20 2023 11:00 AM
AV-TEST has awarded Microsoft Best Advanced Protection 2022 for both Corporate Users and Consumer Users categories.
6,479

Defender for Endpoint and disconnected environments. Which proxy configuration wins?

BrianBaldock on Feb 21 2023 11:32 AM
This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for...
10.4K

Push ASR rules with Security Settings Management on Microsoft Defender for Endpoint managed devices

DanLevyMS on Feb 02 2023 07:01 AM
Now in public preview, Microsoft Defender for Endpoint expands Security Settings Management support to push ASR rules on...
10.8K

Announcing device isolation support for Linux

Ayelet_Artzi on Jan 30 2023 02:50 PM
Now in public preview, Microsoft Defender for Endpoint releases device isolation support for Linux.
264K

Recovering from Attack Surface Reduction rule shortcut deletions

Scott Woodgate on Jan 14 2023 12:12 AM
Guidance on how to recover from short-cut deletions including PowerShell script.
9,691

Introducing tamper protection for exclusions

JoshBregman on Jan 12 2023 01:53 PM
One of the most requested features for tamper protection is protection of antivirus exclusions. With that in mind, the M...
16.2K

Disconnected environments, proxies and Microsoft Defender for Endpoint

BrianBaldock on Jan 06 2023 11:13 AM
Recommendations and guidance for deploying Microsoft Defender for Endpoint in disconnected or air-gapped environments
57.6K

New network-based detections and improved device discovery using Zeek

eladsolomon on Nov 28 2022 05:00 AM
Microsoft Defender for Endpoint is now integrated with Zeek, a powerful open-source network analysis platform.
11.7K

Announcing new removable storage management features on Windows

Tewang_Chen on Nov 21 2022 09:20 AM
Better manage removable storage devices with new removable storage access control capabilities in Microsoft Defender for...
35.3K

Use the new Microsoft 365 Defender API for all your alerts

Naama Schlesinger on Nov 11 2022 09:00 AM
The new Microsoft 365 Defender alerts API, currently in public preview, enables customers to work with alerts across all...
21.8K

Microsoft Defender for Endpoint announcements at Microsoft Ignite 2022

Nick_C on Oct 12 2022 08:40 AM
Microsoft Defender for Endpoint makes its mark at Microsoft Ignite 2022. See what we announced at this year's event.
19.4K

Detecting and remediating command and control attacks at the network layer

OludeleOgunrinde on Oct 12 2022 08:00 AM
Microsoft Defender for Endpoint helps SecOps teams detect network C2 attacks earlier in the attack chain, minimize the s...
49.8K

Tamper protection will be turned on for all enterprise customers

JoshBregman on Sep 20 2022 05:00 AM
Starting last year, to better protect our customers from ransomware attacks we turned on tamper protection by default fo...
6,771

Microsoft Defender for Endpoint is now available on Android company-owned personally enabled devices

priyankagill on Sep 19 2022 08:01 AM
With an increasing number of users choosing to access company resources from mobile devices to improve productivity, org...
7,012

Improving device discoverability and classification within MDE using Defender for Identity

YakirZilberman on Sep 13 2022 10:39 AM
Leveraging Microsoft Defender for Identity as a data source for Defender for Endpoint device discovery can help improve ...
13.6K

Attack Surface Reduction (ASR) Rules Report 2.0 in Microsoft 365 Defender

OludeleOgunrinde on Sep 06 2022 10:51 AM
Thanks to customer feedback, we are delivering the future of ASR Rules reporting and making it easier than ever to under...
7,243

New Mobile Threat Defense capabilities for Android & iOS

Mukta_Agarwal on Aug 30 2022 11:05 AM
Now generally available: Privacy Controls, Optional Permission, and Disable Web Protection.
5,691

How to deploy Attack Surface Reduction rules to Azure VMs using Azure Guest Configurations

mahmoudmsft on Aug 19 2022 07:34 AM
In this article, we will discuss a way to deploy ASR rules to VMs when other management tools are unavailable.
18.4K

Network Protection and Web Protection for macOS and Linux

NickWelton on Aug 17 2022 03:48 PM
When we first launched Network Protection for Windows and built powerful Web Protection and Microsoft Defender for Cloud...
9,547

Tamper protection on macOS is now generally available

Camilla_Djamalov on Aug 15 2022 04:53 PM
An integrated tampering alert in the Microsoft 365 Defender portal Microsoft Defender for Endpoint's tamper protection f...
22K

New Device Health Reporting for Microsoft Defender for Endpoint is now generally available

marysia_k on Aug 08 2022 02:42 PM
We are excited to announce the public preview of new device health reports for Microsoft Defender for Endpoint.
4,662

Announcing File page enhancements in Microsoft Defender for Endpoint

Oren_Saban on Jul 28 2022 08:00 AM
Have you ever investigated files in Microsoft Defender for Endpoint? We have now made it even easier.
14.3K

Introducing the new alert suppression experience

Yonit_Glozshtein on Jul 05 2022 08:48 AM
We are excited to share the new and advanced alert suppression experience which provides tighter granularity and control...
13.8K

Mobile Network Protection for Defender for Endpoint on Android and iOS now Generally Available

Aparna_Harikumar on Jun 28 2022 08:27 AM
The way organizations conduct business has changed dramatically over the past few years, with employees working from hom...
17.1K

Prevent compromised unmanaged devices from moving laterally in your organization with “Contain”

Yossi Basha on Jun 09 2022 06:00 AM
71% of human operated ransomware cases are initiated by an unmanaged device, usually internet facing, that is compromise...
3,834

Mobile device support is now available for US Government Customers using Defender for Endpoint

Mukta_Agarwal on Jun 07 2022 09:00 AM
As endpoints become more dispersed with the increased adoption of hybrid work, it has never been more critical for organ...

Latest Comments

alitayyar
in Discovering internet-facing devices using Microsoft Defender for Endpoint on Jun 23 2023 01:41 AM
Hi,in our company started also some Endpoints we couldn't figure out so far why and how internetfacing alerts. We are working on the issue but would like to know more on the Microsoft side.
0 Likes
Nalexion
in Announcing the monthly security summary report for Microsoft Defender for Endpoint on Jun 19 2023 02:06 AM
When I should see this report in my tenant?
0 Likes
TakashiVV
in Introducing the new alert suppression experience on Jun 15 2023 12:16 AM
I think that creating those rules is as hard as triaging the sheer number of alerts.
0 Likes
TakashiVV
in Detecting and remediating command and control attacks at the network layer on Jun 14 2023 11:25 PM
i think that if emotet writes IP&fakeDomainName to hosts file,it may be difficult to detect C2 connections.
0 Likes
Yael_Ben_Ari
in Announcing the monthly security summary report for Microsoft Defender for Endpoint on Jun 13 2023 11:14 AM
Of course! It is part of our planning to expand this report with even more great capabilities :)
0 Likes