Short & sweet educational videos on Microsoft Defender ATP

New! Overview

 Architecture

This video gives you an all-up overview of Microsoft Defender ATP:

Get a high level understanding of the service architecture:

Onboarding

Role-based access control

Get a quick overview of how easy it is to onboard your endpoints:

See how simple it is to specify granular access control with role-based access control (RBAC):

Threat & Vulnerability Management (TVM) – Overview

Threat & Vulnerability Management – Discovery & Remediation

Get continuous real-time visibility, context-aware prioritization, and a built-in end-to-end remediation process:

See how TVM discovers vulnerabilities and misconfigurations and how you can quickly take action to remediate them in your environment :

New! Attack surface reduction:

Microsoft Defender ATP gives you various tools to eliminate risks by reducing the surface area for attacks without blocking user productivity.

This video is an overview and further down we drill deeper into some of the features with separate videos:

Application control

Network protection

With application control you can control which applications are allowed to run and which are not:

Network protection defends against internet-based attacks by blocking connectivity to a internet destination that is malicious or has a low reputation:  

Reputation analysis – Microsoft Defender SmartScreen

Reputation analysis with Microsoft Defender ATP protects users against accessing untrusted websites and running malicious code on their devices:

Endpoint detection and response (EDR)

We give you the tools needed to detect and investigate advanced persistent attacks on your network.

Investigation

Advanced hunting

We give you a rich experience for triage and investigations, with all the details needed to easily narrate the end-to-end attack story:

Use advanced hunting to create your own powerful queries and turn them easily into custom detections:

Live response

Deep file analysis

Get real-time live connection to a remote system:

Use the built-in sandbox to detonate suspicious files with a single click and get a detailed and readable report back:

Threat Analytics

Unified IOCs

Assess the impact of threats to your environment and identify actions that can contain them with Threat Analytics:

Upload your own indicators of compromise (IOCs) to also get alerted on your own detection logic:

Automated investigation and remediation

 Microsoft Threat Experts

Enhance your SOC by turning on automated investigation and remediation:

Get an additional layer of oversight and analysis to help ensure that threats don’t get missed:

APIs

Streaming API

Develop Microsoft Defender ATP connected solutions and workflows with a rich set of APIs:

You can use our streaming API to stream event information directly to Azure storage or to Azure Event Hubs:

Conditional access

Security Configuration

Contain a threat by not letting risky devices access your corporate resources through Conditional Access:

See how you can use Microsoft Endpoint Manager to manage security configuration for Microsoft Defender ATP:

Microsoft Cloud App Security (MCAS)

Evaluation Lab

Integrating Microsoft Defender ATP and Microsoft Cloud App Security can help control shadow IT and assist with your security investigations:

The evaluation lab eliminates the complexities of machine & environment configuration – you can focus on evaluating the capabilities right away.