Do you know the different ways you can onboard MDATP? and do you know how to integrate into your SOC?
Four ways you can onboard MDATP:
- Onboard Microsoft Defender ATP using Microsoft Intune
- Onboard to Microsoft Defender ATP using Microsoft Intune and Configuration Manager
- Onboard to Microsoft Defender ATP using Configuration Manager or Group Policy Objects
- Onboard to Microsoft Defender ATP using local scripts
Architecture for the above four scenarios:
I have attached a beautiful document below “MDATP Deployment strategy”. Use this guide to select the appropriate Microsoft Defender ATP architecture based on your Customer needs and then assist your Security Operations Center (SOC) in on-boarding machines and securing endpoints. This guide will provide high-level information on prerequisites, design, and configuration options.
Please download the document from here – mdatp-deployment-strategy
The document provides information on how to Prepare Setup Onboard.
Guidelines on the Service Adoption in an order:
Kiran NR Cyber-security blog 