May 08 2023 04:22 AM
Good Day,
I'm new in the MS Suite, my company is using the Zero Trust model, therefore I only have the real data instance available upon request, as a result I'd like to familiarize myself in the MS Defender for Endpoint capabilities in UAT kind of environment, please advise.
May 12 2023 04:14 AM
Hello @Eddy_L2110,
you can go to Microsoft 365 Defender and under Endpoints, Evaluation & tutorials and at Evaluation lab you can build your own test machines and experiment. These test machines raise alerts in your own environment and as such you can go to incidents and alerts to see what has been raised. On the other hand, if you would like to dive deeper, you can use KQL to investigate whatever you want at these test machines.
If I have answered your question, please mark your post as Solved
If you like my response, please consider giving it a like