6.1 Alerts & incidents management, MDE from Zero to Hero

Welcome to Microsoft Defender for Endpoint from Zero to Hero, Module 6.1 - Alerts and incidents management.
Managing alerts and incidents created by Defender for Endpoint is a critical task in any organization regardless of the size or type of business.
In this video you will see the following:
1 - Alert generation
2 - How to work with alerts & incidents
**COURSE OUTLINE**
I have plans to record 20+ videos and the course outline is not set in stone. Below are the modules already available and the ones on the horizon:
1. Product Overview - www.youtube.com/watch?v=Ul4Zx...
1.1 - Minimum requirements and licensing - • 1.1 Minimum requiremen...
2 - Design & key configuration
2.1 Design: MDE settings deployment - • 2.1 Design: MDE Settin...
2.3 - Design - Best practise for full scan - • 2.3 - Design - Best pr...
2.10 Device tag overview - • 2.10 Device tag overvi...
2.11 Deploying device tag via portal, GPO and Intune - • 2.11 Deploying device ...
2.12 - Device auto-tagging via Logic Apps - • 2.12 Device auto-taggi...
3 - MDE deployment
3.1 - Initial setup and advanced settings - • 3.1 Initial setup and ...
3.2 - Deploying settings via MEM - • 3.2 Deploying AV sett...
3.3 - Deploying settings via GPO - • 3.3 Deploying AV setti...
4 - Onboarding
4.1 - Onboarding overview - • 4.1 Onboarding overvie...
4.2 - Onboarding via GPO and local script - • 4.2 Onboarding via GPO...
4.3 - Onboarding via Microsoft Endpoint Manager - • 4.3 Onboarding via MEM...
4.4 - Onboarding via helper script - • 4.4 Onboarding via hel...
4.5 - Auto Onboarding via Defender for Cloud
5 - Migration from 3rd party solution - • 5 .1 Migration from 3r...
6 - Monitoring
6.1 - Alerts and incidents management - • 6.1 Alerts & incidents...
6.2 - Ransomware attack investigation - • 6.2 Ransomware attack ...
6.3 - Dealing with Ransomware via Sentinel automation - • 6.3 Dealing with Ranso...
7 - Integration with SIEM (Security Information and Event Management)
8 - Troubleshooting
8.1 - Troubleshooting mode deep dive - • 8.1 Troubleshooting mo...
8.2 - Troubleshooting PowerShell output issue - • 8.2 Troubleshooting Po...
My Microsoft Defender for Endpoint - From Zero to Hero playlist can be accessed from
• Introducing my Defende...
Please consider subscribing to my channel for the latest updates and upcoming modules.
Thanks for supporting this project. I hope you enjoy it and learn a lot.
Thanks for watching
Jackson Felden
#MicrosoftDefenderForEndpoint #MDE #CyberSecurity

Comments: 2

  • @shubhamgalhotra, 3 months ago

    great video❤

  • @RichardGailey, a year ago

    Really nice video and looking forward to the next one. Real-world investigations as well as deep diving into simulated ones via MS are some of the best videos people can learn from, so thank you for doing these. Trying to narrow down the root cause of the issue and where the threat actually came from is the most critical thing in preventing this from happening again and blocking potential further dwell time or persistence due to missing something in the cleanup part.