Deploy Attack Surface Reduction Rules from Microsoft Intune
ฝัง
- เผยแพร่เมื่อ 5 เม.ย. 2023
- How to enable attack surface reduction rules from Intune?
Deployment method and modes for Attack Surface Reduction Rules - • Attack Surface Reducti...
What is Microsoft Defender for Endpoint? • Microsoft Defender - W...
Getting Started with Microsoft Defender for Endpoint? • Microsoft Defender for...
Microsoft Defender for Endpoint - Role Based Access Control - • Microsoft Defender for... .
Microsoft Defender for Endpoint - Role Based Access Control - Portal Configuration • Microsoft Defender for... .
Onboard Windows 10 Devices | Microsoft Defender for Endpoints | MDATP | Local Script • Onboard Windows 10 Dev...
Onboard Windows 10 Devices from GPO | Microsoft Defender for Endpoint • Onboard Windows 10 Dev...
Microsoft Defender for Endpoint | Onboarding Linux Machine • Microsoft Defender for...
Microsoft Defender for Endpoint for Linux • Microsoft Defender for...
Microsoft Defender For Endpoint Deployment Guide • Detailed Deployment Vi...
Microsoft Defender for Endpoint - Threat and Vulnerability Management • Microsoft Defender for...
Threat and Vulnerability Management - Software Inventory | Microsoft Defender for Endpoint • Threat and Vulnerabili...
Getting Started with Threat and Vulnerability Management | Microsoft defender for Endpoints • Getting Started with T...
Security Recommendation and Remediation | Microsoft Defender for Endpoint • Security Recommendatio...
Threat and Vulnerability Management - Weaknesses | Microsoft Defender for Endpoint • Threat and Vulnerabili...
Threat and Vulnerability Management - Dashboard | Microsoft Defender for Endpoint • Threat and Vulnerabili...
Threat and Vulnerability Management - Weaknesses | Microsoft Defender for Endpoint • Threat and Vulnerabili...
Security Recommendation and Remediation | Microsoft Defender for Endpoint • Security Recommendatio...
Threat and Vulnerability Management - Software Inventory | Microsoft Defender for Endpoint • Threat and Vulnerabili...
Microsoft Defender for Endpoint | API | Basics and Fundamentals • Microsoft Defender for...
Use postman to access Microsoft Defender for endpoint API • Use postman to access ...
Microsoft Defender for Endpoint API | Query Any Entity Set • Microsoft Defender for...
Microsoft Defender Application guard | Attack Surface Reduction • Microsoft Defender App...
Microsoft Defender Application Guard | Standalone Mode • Microsoft Defender App...
Microsoft Defender Application Guard | Enterprise Mode | Capabiltiy Showcase • Microsoft Defender App...
Microsoft Defender application guard | Enterprise Mode | Configuring GPO | Part 1 • Microsoft Defender App...
Microsoft Defender Application Guard | Domain Joined Machine • Microsoft Defender App... - วิทยาศาสตร์และเทคโนโลยี
Thanks for such a well explained deployment of ASR Rules.
Great video! Thank you so much!
Where is the link to the second video talking about the exclusions? It is not on the description and the recommended video only talks about Log Analytics
Hi. You mentioned the link to the Office document that creates child processes. Do you mind sharing it? Thanks.
Very well explained.
Glad it was helpful!
Great video, what is recommendation around enabling all 16 rules should we use one ASR rule or separate rule for each configuration to have more control over exceptions. Thanks
I would suggest to start with machines from different business units, enable all the rules in audit mode. Check ASR reports section to get the dump of all the files getting impacted, add valid exclusions first and then enabled rules in block mode.
@@ConceptsWork Thanks, I was wondering, if I start the audit mode and identify that I need to enable exclusions for a selected number of computers for Adobe child processes and another selected number of computers for Office macros, how should we apply these settings? Should we have two separate ASR policy profiles in Intune?
Are these the best practise deployments?