From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Microsoft Defender for Endpoint - Microsoft Security Copilot Tutorial

From the course: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Microsoft Defender for Endpoint

- [Instructor] So let's look at Microsoft Defender for Endpoint. What is an endpoint? It can be any device that communicates with a computer network, such as a laptop, desktop, server, virtual machine, phone, tablet, or internet of things, IoT device, like a security camera and a smart speaker. It's critical for organizations to secure their endpoints, because hackers can use a compromised device to penetrate the network and launch further attacks. Microsoft Defender for Endpoint is a comprehensive solution that helps organizations protect their endpoints. It offers various capabilities including Core Defender Vulnerability Management, which uses a risk-driven approach to manage endpoint vulnerabilities and misconfigurations; attack surface reduction, which verifies configuration settings and applies security controls like network protection and web protection; next-generation protection, which enhances antivirus functions by using techniques like behavior analysis, cloud-delivered protection, and a near-instant detection; endpoint detection and response, which helps security analysts better analyze and mitigate threats; automated investigation and remediation, or A-I-R, AIR, which automatically investigates alerts and performs remediation actions; Microsoft Secure Score for Devices, which helps you assess the current state, identify gaps, and take recommended actions; Microsoft Threat Experts, which offers a managed threat-hunting service; and management and APIs, which provides various APIs to share data and actions. You can access Microsoft Defender for Endpoint through the unified Microsoft Defender portal. Now let's do a quick demo. Here's a Microsoft Defender portal. Under Endpoints, expand Vulnerability Management. You can manage device vulnerabilities by accessing functions like Dashboard, Recommendations, Remediation, and more. Expand the Partners and APIs. You can use API Explorer to test the Microsoft Defender for Endpoint capabilities. Expand the Configuration management. You can access the Dashboard and manage Endpoint security policies.

Contents