In this episode of Defrag Tools, Chris Jackson, the "App Compat Guy" (@appcompatguy), joins us to discuss Windows Defender Advanced Threat Protection (ATP) - a unified platform for preventative protection, post-breach detection, automated investigation, and response.
Defender ATP can be used to automatically investigate alerts and remediate complex threats in minutes.
We delve into the Windows Defender Security Center, and run Kusto queries to discover security events for the associated enterprise. Start a trial here.
- Example Queries - https://github.com/Microsoft/windowsDefenderATP-Hunting-Queries/
- ATP Blog - https://techcommunity.microsoft.com/t5/What-s-New/bd-p/WDATPNew
- Chris on Channel9 - https://channel9.msdn.com/Events/Speakers/Chris-Jackson