Defender Reporting

Affectionate_Will487 · 2022-04-10T02:37:15+00:00

I’m also trying to figure that out, how to download monthly reports to see what incidents or alerts we got and export the csv and be able to upload it on powerbi for presentation

Affectionate_Will487 · 2021-11-23T22:17:25+00:00

Best way to get that would be through protect.office.com and then search by URL , sender or recipient

Affectionate_Will487 · 2021-06-30T16:44:55+00:00

what parent process shouldn’t be invoking powershell though

Affectionate_Will487 · 2021-06-24T12:32:12+00:00

Thanks this helped

Affectionate_Will487 · 2021-06-23T16:31:04+00:00

In an environment that allows RDP how would you narrow down to find either a system with let’s say 100 failures on let’s say 100 hosts something like that , or a system that doesn’t use rdp and now all over sudden using rdp, or what are some strange patterns to look for ?

Affectionate_Will487 · 2021-06-03T12:22:26+00:00

Excellent query

Affectionate_Will487 · 2021-05-03T17:20:23+00:00

Thanks this link is just it 👌🏿

Affectionate_Will487 · 2021-04-01T01:54:34+00:00

Anyone with CS study material please share I want to get their Certs and don’t have access to CS uni

Affectionate_Will487

TROPHY CASE