Aug 23 2021 12:59 PM
The event timeline per device in within Microsoft Defender for Endpoint might be great for incident response.
However, I see a privacy violation as some users only use the portal for vulnerability management and hardening and do not need to see detailed event timelines.
Is it possible to either a) disable it at all or b) restrict access to users that use Microsoft Defender for Endpoint for vulnerability management and hardening purposes only.
Aug 31 2021 09:25 AM