About the Book
Gain an in-depth understanding of Microsoft Defender 365, explore its features, and learn successful implementation strategies with this expert-led practitioner's guide.
Key Features
Understand the history of MDE, its capabilities, and how you can keep your organization secure
Learn to implement, operationalize, and troubleshoot MDE from both IT and SecOps perspectives
Leverage useful commands, tips, tricks, and real-world insights shared by industry experts
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionWith all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.
This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.
By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.What you will learn
Understand the backstory of Microsoft Defender for Endpoint
Discover different features, their applicability, and caveats
Prepare and plan a rollout within an organization
Explore tools and methods to successfully operationalize the product
Implement continuous operations and improvement to your security posture
Get to grips with the day-to-day of SecOps teams operating the product
Deal with common issues using various techniques and tools
Uncover commonly used commands, tips, and tricks
Who this book is forThis book is for cybersecurity professionals and incident responders looking to increase their knowledge of MDE and its underlying components while learning to prepare, deploy, and operationalize the product. A basic understanding of general systems management, administration, endpoint security, security baselines, and basic networking is required.
Table of Contents:
Table of Contents
A Brief History of Microsoft Defender for Endpoint
Exploring Next-Generation Protection
Introduction to Attack Surface Reduction
Understanding Endpoint Detection and Response
Planning and Preparing for Deployment
Considerations for Deployment and Configuration
Managing and Maintaining the Security Posture
Establishing Security Operations
Troubleshooting Common Issues
Reference Guide, Tips, and Tricks
About the Author :
With almost 20 years of industry experience and relevant certifications, Paul Huijbregts has a long history of working with customers across the world leveraging his passion for (Microsoft) security solutions – and being brutally honest about them.
After joining Microsoft in 2016 and engaging regularly with Defender for Endpoint teams, Paul moved to Redmond (together with his wife and kids) to join them and become a product manager – in the middle of the pandemic (October 2020). Here, he is on what is called the “Platforms” team, working on solutions across operating systems and environments, focusing primarily on server endpoints and security management. His motto is: “I drink beer and I know Microsoft security things.” Joe Anich has 15 years of experience in the IT industry ranging from endpoint management with a focus on SCCM and Intune to endpoint security and incident response. Currently working on Microsoft's Detection and Response Team (DART), he works closely with customers during critical moments. Working in incident response has given Joe insight into SOC operations and how to help teams around the world improve their security posture as a whole. Outside of work, Joe enjoys running around the house with his 2-year-old son playing “chase me.” Fun fact: During the late 90s, Joe could be found at the roller-skating rink most Friday nights, gliding around the rink with a super rope in hand, maybe in JNCOs or Lee Pipes, vibing to 90s hip hop. Justen Graves is a security engineer with 14 years of IT experience. Most of his career has been focused on endpoint enablement and security, with the last 4 years spent at Microsoft. Currently working in Microsoft's Cyber Defense Operations Center, their internal SOC, he uses tools such as Microsoft Defender for Endpoint every day to defend corporate Microsoft from attack.
Justen has a BS in cybersecurity and an MBA. He holds many industry certifications, including CISSP, PMP, and GSEC, and several Microsoft certifications, including Azure Solutions Architect Expert and Enterprise Administrator Expert. Starting his career at Walmart and managing to never relocate, he resides in Northwest Arkansas with his wife and three children.
