SOLVED

Microsoft Defender for Endpoint features

Copper Contributor

Hi,

I'd like to know if Microsoft Defender for Endpoint has the following capabilities.

 

Features:

Anti-malware
MITRE Engenuity ATT&CK Evaluation
Ransomware Protection and Rollback
Behavior Monitoring and Machine Learning
Single management console
Incident response automation
Targeted attack detection
Enhanced Tamper Protection
Suspicious Behavior Detection
Advanced Deep Learning mechanism
Threat Hunting
Endpoint Isolation
Malicious Traffic Detection

 

Threat Protection:
Mitigate exploits in vulnerable applications
Application hijacking
Real-time scanning of internet resources
Real-time scanning of local files and network shares
Automatically submit malware samples

If you could share documentation where I can see these features, I will truly appreciate it.

 

Thank you,

Vsp

2 Replies
best response confirmed by vsp_cloud (Copper Contributor)
Solution

@vsp_cloud 

 

Yes to all of the above, but note that some features will also depend on the license (E3 vs E5) type that you purchase. You and your users will get a lot more security tooling and available options if you have the E5 license.

M365Maps.com is your friend in getting a decent look at the tooling and available options to you depending on the license you require. Here is a link to the P1 vs P2 options (visual guide)

Also, here is the Microsoft documentation on MDE (Microsoft Defender for Endpoint)

Here’s a breakdown of whether Microsoft Defender for Endpoint includes the specified features and threat protection capabilities:

Features:
Anti-malware: Yes
MITRE Engenuity ATT&CK Evaluation: Yes, provides insights into how Defender for Endpoint performs against MITRE ATT&CK techniques.
Ransomware Protection and Rollback: Yes
Behavior Monitoring and Machine Learning: Yes
Single Management Console: Yes
Incident Response Automation: Yes
Targeted Attack Detection: Yes
Enhanced Tamper Protection: Yes
Suspicious Behavior Detection: Yes
Advanced Deep Learning Mechanism: Yes
Threat Hunting: Yes
Endpoint Isolation: Yes
Malicious Traffic Detection: Yes (via integration with network protection features)

 

Threat Protection:
Mitigate Exploits in Vulnerable Applications: Yes (via exploit protection and application control)
Application Hijacking: Yes (via behavioral and heuristic detection)
Real-Time Scanning of Internet Resources: Yes (via web protection and real-time scanning features)
Real-Time Scanning of Local Files and Network Shares: Yes
Automatically Submit Malware Samples: Yes (through automatic sample submission for analysis)
