Anything About IT

Learning, Building, Sharing

Use advanced hunting to Identify Defender clients with outdated definitions

Use Kusto Query Language in Microsoft Defender for Endpoint advanced hunting to identify clients with outdated antivirus definitions.

Posted by Alex Verboon on Wednesday, August 25, 2021

Hunting for Local Group Membership changes

Detect changes to the local administrator group using Microsoft Defender ATP advanced hunting.

Posted by Alex Verboon on Sunday, September 6, 2020

Microsoft Defender ATP Advanced Hunting – Who's logging on with local admin rights?

Use KQL Advanced Hunting in Microsoft Defender ATP to find out who is logging on with local administrator rights.

Posted by Alex Verboon on Tuesday, October 29, 2019