Configure File Integrity Monitoring (FIM) using Defender for Endpoint
Previously the File Integrity Monitoring (FIM) feature in Defender for Server P2 was based on the MMA and/or Azure Monitor Agent. Since the MMA agent is almost retired/ EOL, Microsoft decided to switch to a new technique and release the…
How to protect Azure storage accounts (Blob) using Defender for Storage
Defender for Storage is the Azure-native layer of security intelligence that detects potentially harmful attempts to access or malicious activity. With the use of Microsoft Threat Intelligence and security AI, contextual security alerts and recommendations are available. Defender for Storage…
Onboard Defender for Endpoint without Azure Arc via Direct onboarding
Previously, onboarding hybrid servers to Defender for Servers with MDE required Azure Arc as a pre-requisite for the deployment. Since the standalone plan was removed from the licensing options some time ago (for CSP customers without EA agreement). Azure Arc…
Microsoft Defender for Cloud– The ultimate blog series (Intro) – P0
Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP). Defender for Cloud contains a large set of features and capabilities; it is based on the following: Introduction blog series This ultimate blog series will contain as much information…
Configure File Integrity Monitoring (FIM) using Defender for Cloud and AMA-agent
File Integrity Monitoring (FIM) is a technology that monitors and detects file changes that could be indicative of a cyberattack. File Integrity Monitoring is part of Defender for Servers P2 and enables monitoring of operating system files, Windows Registry, Application Software…
Microsoft Defender for Endpoint series – Onboard using Azure Arc or Direct onboarding – Part3C
It is time for part 3C of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3B (Onboard Defender for Endpoint using Defender for Cloud) it is now time for some more technical deep-dive scoped on Azure Arc and…
Microsoft Defender for Endpoint series – Onboard using Defender for Cloud – Part3B
It is time for part 3B of the ultimate Microsoft Defender for Endpoint (MDE) series. After Part 3A (Onboard Defender for Endpoint using Microsoft Intune) it is now time for some more technical deep-dive scoped on Defender for Cloud. Part…
Use the Azure Monitor Agent (AMA) for Defender for Cloud and migrate from MMA agent
Defender for Cloud was since the release based on the Microsoft Monitoring Agent (MMA). Since august 2022 it is possible to auto-deploy the Azure Monitoring Agent. With this new improvement, it is finally possible to migrate entirely from the Microsoft…
How to upgrade from MMA-based Defender for Endpoint to MDE unified solution in Defender for Cloud?
The new Defender for Endpoint unified agent is generally available for some time (since April 11th, 2022. The new unified Microsoft Defender for Endpoint solution is supported for Server 2012R2 and Windows Server 2016. In addition, automated deployment and integration…
Onboard Microsoft Defender for Endpoint using Azure Arc for non-Azure devices
Microsoft Defender for Endpoint deployment is possible based on multiple deployment mechanisms. Microsoft Defender for Cloud (previous Azure Defender) is available in Azure, with Microsoft Defender for Cloud it is possible to manage devices in Azure. By using Azure Arc,…