2.1 Design: MDE Settings Management, MDE from Zero to Hero

Jackson Felden - Cloud and Security


Welcome to Microsoft Defender for Endpoint - From Zero to Hero, Module 2.1. Design: MDE Settings Management
It can be challenging to choose the best method to deploy MDE settings to the endpoints. In this video, I explore different options and share some useful insights about GPO, Configuration Manager, and Microsoft Endpoint Manager.
In this video you will see:
1 - MDE settings overview
2 - Linux .json
3 - GPO
4 - Configuration Manager
5 - Configuration Manager Tenant Attach
6 - Microsoft Endpoint Manager
7 - Final considerations
**COURSE OUTLINE**
I have plans to record 20+ videos and the course outline is not set in stone. Below are the modules already available and the ones on the horizon:
1. Product Overview - www.youtube.co....
1.1 - Minimum requirements and licensing - • 1.1 Minimum requiremen...
2 - Design & key decisions
2.1 Design: MDE settings deployment - • 2.1 Design: MDE Settin...
2.10 Device tag overview - • 2.10 Device tag overvi...
2.11 Deploying device tag via portal, GPO and Intune - • 2.11 Deploying device ...
2.12 - Device auto-tagging via Logic Apps - • 2.12 Device auto-taggi...
3 - MDE deployment
3.1 - Initial setup and advanced settings - • 3.1 Initial setup and ...
3.2 - Deploying settings via MEM - • 3.2 Deploying AV sett...
3.3 - Deploying settings via GPO - • 3.3 Deploying AV setti...
4 - Onboarding
4.1 - Onboarding overview - • 4.1 Onboarding overvie...
4.2 - Onboarding via GPO and local script - • 4.2 Onboarding via GPO...
4.3 - Onboarding via Microsoft Endpoint Manager - • 4.3 Onboarding via MEM...
4.4 - Onboarding via helper script - • 4.4 Onboarding via hel...
4.5 - Auto Onboarding via Defender for Cloud
5 - Migration from 3rd party solution - • 5 .1 Migration from 3r...
6 - Monitoring
6.1 - Alerts and incidents management - • 6.1 Alerts & incidents...
6.2 - Ransomware attack investigation (*recording)
7 - Integration with SIEM (Security Information and Event Management)
8 - Troubleshooting
8.1 - Troubleshooting mode deep dive - • 8.1 Troubleshooting mo...
8.2 - Troubleshooting PowerShell output issue - • 8.2 Troubleshooting Po...
My Microsoft Defender for Endpoint - From Zero to Hero playlist can be accessed from
• Introducing my Defende...
Please consider subscribing to my channel for the latest updates and upcoming modules.
Thanks for supporting this project, I hope you enjoy and learn a lot
Thanks for watching
Jackson Felden
#MicrosoftDefenderForEndpoint #MDE #CyberSecurity

Comments: 14
@Timmy-Hi5 1 year ago
This kind of series is one of the most valuable FREE content ever made👌🤟👋💥💯... from M365 to Architects 🤩 WE SALUTE YOU JACKSON 🖖
@jacksonfeldencloudsecurity 1 year ago
Thanks for the feedback, I'm glad you find my content useful. Thanks for your support.
@Timmy-Hi5 1 year ago
@jacksonfeldencloudsecurity ❤️✨✨🤩
@eduardoxbo 5 months ago
Sir, this is gold, thank you!
@hrudaygajanankuthe2476 4 months ago
Thank you for sharing ❤
@sidekickmusic5936 1 year ago
I can't thank you enough for these videos!!
@jacksonfeldencloudsecurity 1 year ago
I'm glad you find my content useful. Thanks for your support
@readerko 2 years ago
Thank you for an amazing video, I am trying to find how to obtain json file for linux as it is not present in destination folder after onboarding.
@jacksonfeldencloudsecurity 1 year ago
Thank you for the comment. Please check at learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/linux-preferences?view=o365-worldwide for all the supported MDE parameters for Linux. Scroll down to see an example of a json file.
@sidekickmusic5936 1 year ago
Windows Server is available for ASR now!
@jacksonfeldencloudsecurity 1 year ago
Microsoft is making some good changes, I tested ASR on servers 2019 and it worked.
@harvey7241 6 months ago
Thank you so much for these videos, Jackson. I have one question. If, in an organisation, you want to implement it in a way that all alerts from the whole org get into Defender, whether it's an endpoint or an email alert, does everyone need to have an E3 or E5 license, or do just the administrators who need to analyze and look into the alerts require E5? Others don't need to be on that? Will Defender still analyze the whole organisation?
@TheSKORPS 1 year ago
Great stuff, and thanks for sharing your knowledge! Can you please check if all videos are available? I don't see video 2.2, and it jumps from 6.3 to 8 and skips chapter 7. Once again, thank you!
@mehabcoorg 1 year ago
fantastic