by Alex Verboon
Windows Defender ATP provides SIEM integration, allowing you to pull alerts from Windows Defender ATP Security Center into Splunk. The SIEM integration uses the Windows Defender ATP Alerts Rest API. Since I have an actual customer demand for such an Read More …
During a recent customer engagement, I was asked whether the it would be possible to add additional information to the Alert email that is send out by Windows Defender ATP when a new alert occurs. @RagoReady from Microsoft gave me Read More …
Here’s a little utility to check the status of Windows Defender ATP on a local or remote client. I basically took some code from the WDATP connectivity verification tool, removed the network connectivity testing part (I might add that later Read More …