Despite criminal masterminds and “security researchers” always coming up with the next greatest tool for causing financial damage to our businesses and economy, there are patterns.
Defense implies a reactionary approach. Prevention set the scene where ransomware can’t get you in the first place.
Many vendors call this Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR). Microsoft calls it Defender for Business.
Once these two items have been set the ability of PlugX to take advantage of innocent people should be thwarted.
All it took was an email attachment policy, a little hardening of Microsoft Office and the configuration of the built-in anti-virus software
let’s say that you’ve come across a situation, and you want to remove a device from the network – remotely, while you investigate. Interestingly this device, need not be enrolled in Defender for Business. It can an unmanaged device to
I often get asked how we manage networks without an RMM tool and I always reply that we take full advantage and make use of what Microsoft has to offer. This type of rule is an example of that philosophy.
To resolve this error, you need to remove three security groups from Azure AD. These groups were created by default in your tenant but have since been deprecated by Defender.
This is a collection of posts about Microsoft Defender. How to set, configure, troubleshoot and implement.
There are a number of basic settings in Defender that should be configured before you start using Defender.