Get Started with Microsoft Defender for 365
ฝัง
- เผยแพร่เมื่อ 4 ก.ค. 2024
- In this session, I’ll walk you through the basics of getting started with Microsoft Defender for 365. This session will compliment my other sessions on Defender that focus on specific topics. We live in dangerous time and ensuring that we have adequate cyber-defences is critical to having an overall information / cybersecurity defence strategy. Being able to not only detect an incident, but also prevent an incident is a critical skill that must be addressed in the modern organisation.
This video forms part of a series on Microsoft Defender. Here are the other videos you may wish to take a look at.
Defender for Endpoint • Microsoft Defender for...
Defender for Cloud • Get started with Micro...
Defender for CloudApps • Getting Started with M...
Visit me at Andymalone.org
Great simple overview of Defender!
Great video thanks Andy!
Top Video Andy. I'm thinking that a video primer showing ALL of the Microsoft Defender Options, what each is used for might be handy ... because every time I look at it inside my O365/M365 backend - I get a headache! Defender for 365, Defender for Endpoint, Defender for Business, Defender for Cloud, Defender for Server, Plan 1 or Paln 2, Hybrid joined devices, Hybrid Registered devices, Azure Ad Joined devices, On-Prem devices and then good old standard Windows Defender ...
It's almost like Microsoft wants you to buy licenses for as many different things as possible ;)
Hi Dave, I completely agree with you and it is very confusing with so many different defender products. I simply could not do a single video with every option. The video would probably last four hours. That’s the reason why I’ve done separate videos. But I agree it does appear that Microsoft marketing have gone crazy 😊
I would love to see videos based on Business licenses. It seems things are quite different when you want to do administration, especially when your users are Business Standard and Basic. Its almost like us small business owners are an afterthought.
Hi Mark, thanks for the comments. I understand your pain completely, however I did recently produced a video on business premium I don’t know if you saw that? Historically however, when I do videos on small business based products I don’t get much viewership. However, I will see what I can do for you in the future. Thanks again.
@@AndyMaloneMVP Completely understand! I am glad someone is feeling my pain. Getting introduced to 365 this way is not fun. It feels like i am dying of thirst with a giant glass of water in front of me and no arms to pick it up to drink it.
@@MarkRouleau well, I hope you consider my channel a Straw🎉👍😊
@@AndyMaloneMVPdefinitely not the last straw…
@@MarkRouleauif you’re admin, then would you not need to upgrade users to an E3 or E5 licence? There are features that will be limited and when the business grows you’ll be equipped with the right amount of licences. Forget coat, and not that you’ve a blank cheque, but, need to balance features with usefulness and also the needs of the business and what, at least, you need to be administering and what’s beneficial to your users and you in terms of security and ease of allowing roles etc. just a thought
Seriously this was an amazing video
Thanks, I really appreciate that. 👍
Hey Adny! Great overview, I recently passed the SC-200 exam, and this is good refreshing of the material.
One question: where can I access M365 trials with demo data like the ones you use? I understand the trials but obviously these come empty, I just wonder how you do it.
Thanks, in advance.
Firstly, congrats on passing your exam that’s fantastic. If you want to trial any Microsoft product just do a search in Google for Microsoft 360 5E5 trial. Unfortunately the demos I’m using are only available to Microsoft partners, or MVPs on Microsoft CDX platform. I’m not sure if you’re a Microsoft partner or not. The website allows you to create tenants and hydrate them with users, groups and so on. Microsoft Learning also used the same idea with many of the labs also, including the hydrated material. Anyway, congrats again and thanks for the comment.
If you sign up for the developer program you can create E5 tenants to mess around with.
@@ryanmccullough6252 absolutely great. Tit Ryan 👍
Excellent timing, set up a server with endpoint plan 2 today (swapping environment over from eset) using the script deployment.
The only thing unclear to me now is (since the servers wont be in intune) if the management status of ‘unknown’ is problematic/insufficient..
There is actually a new version of defender for server, which is just being released by Microsoft check out docs.microsoft.com for more details.
i like this man
Great thank you !
You are welcome!
Hello. Thanks for your videos! Do you have any best practices for investigating/ remediating the incidents/alert reported in defender? Like a decision tree of some sort that takes me step by step through the analysis, action and closure of incidents/alerts? For example. Phishing email shows in incident log - didn't hit anyones inbox, is currently in quarantine - what do I do? Just close the alerts because MS already did it or do I need to block each of the senders? Was hoping to find some sort of decision tree or at least a glossary of the incident names do I can better understand what needs to happen. Any help greatly appreciated!
Yes new video coming tomorrow, Tuesday watch out for it
Do you know conferences/trainings that give a person good hands on training with defender? Im looking to see if I can attend one this year to get hands on training, preferably with real situation scenarios
Yes SC-200 check out more details from learn.microsoft.com
Hi Andy, if our company is using SCCM to manage Defender scan and update policies. Where will we need to migrate these settings to? Intune Admin Center's Endpoint security? Device Configuration? Microsoft 365 Defender?
I’m guessing the security note in Microsoft in tune as this is where all the defender for endpoint features are. However, I am not an Encyclopedia and don’t know every setting without researching it. I’m only human😂🤣
Is there a way to clean the file that come up as malware or viruses? I am Office business premium. I don't see any actions. I only see submissions and I don't see the file on my test machine that is malware that shows up under incidents and alerts.
I’m sure there will be a number if 3rd party solutions. But Defender is the way here I’m afraid.
Good tutorial
Nice sir
Thank you for video. How to assign role security reader for IT team but block access to read/open/access email & collaboration category?
You can create a custom, security roll
@@AndyMaloneMVP I can't create custom security role, it's not support in M365 Business premium?
Hey Andy, would you consider making KQL training please?
My friend Michael does a great video on this check this link th-cam.com/video/Vzhy9tfpnX4/w-d-xo.html
Hy Andy can I know relation between O365 E5 licenses and M365 E5 licenses
Check out M365maps.com. It’s a great site and you can compare the different plans.
Very great video sir, I have learned a lot.However,I don't see all that option in my Windows defender. Maybe because I am not an administrator
Possibly or it's a licence issue.
Daft question, but where do you download Microsoft Defender for Office 365 (Plan 1) from..?
You download the agent from the settings page. Click endpoints and scroll down to the bottom of the page. Select your OS and you’re good to go.
Thanks Andy, this is odd... I don't seem to have anything that mentions "Endpoints" anywhere in my Admin Portal. I remember hooking it up for a customer a few years back and I was sure I downloaded it from the Portal.., but nothing visible in my one... Maybe I'll open a ticket with MS.. 👍
Thanks
Thank you so much I appreciate that🙏👍😊
Sir we have a user whose getting random spam emails, there is no specific pattern/ sender/location/ IP. They are very random. He is getting 2000+ emails daily. We cannot create rule/ policy as such bcz he needs to receive mails from external partners regularly
Check out the Microsoft tech community that’s a great place to ask a question like this
Great content thanks, how can I get a training from you?
At the moment you can’t as I’m currently working with the training provider. However, I am planning some premium content of four members of my channel so watch out for more details.
Do you have any plans on showing Defender for identity? Also Defender for servers but identity first 😅😊 and as always, great video 👍
Unfortunately to do a full demo on defender for identity. I would need a fairly complex set up of an on premises domain environment plus Azure subscription. However, I’ll see what I can do. 😊
@@AndyMaloneMVP would be great, I have been searching what these two can do but haven't really found anything useful. 😊
love this video new here
Awesome great to have you onboard 😊
Brother I have got new Job M365 security engineer, I have only one month time to go there, Could please tell me how to get knowledge about Microsoft Defender in simple way.
Honestly my friend the best advice is study. Learn.microsoft.com is the best place. Create a demo account and practice 👍🙂
Window Defender is garbage. it uses so much memory, I can't stream movies with a gig of RAM. Then you can't disable it without it automatically re-enabling itself. It's really difficult to remove completely, once you get fed up with it... and you will.
Don’t confuse a home-based product with a vastly superior behavioural driven security protection, sweet. Defender for endpoint protection is one of the finest products on the market. As a mountain of evidence to back it up.
@@AndyMaloneMVP Maybe so, but It's a resource hog.
@@user-nb5cf9me5j switch to a Chromebook or Mac. I don’t use windows anymore🤪