microsoft defender for endpoint
47 Topics

Announcing mobile device tagging for iOS and Android
Microsoft Defender for Endpoint is helping decentralized SOC teams improve their approach to security and privacy across mobile devices by making it easier to tag iOS and Android devices – giving security admins more control over who has access to specific groups and device data.

Defender for Endpoint and disconnected environments. Which proxy configuration wins?
This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for Endpoint behaves in these situations. The first article can be found here. In this article we'll explore how Defender for Endpoint network traffic flows depending on which proxy configuration is in use, as well as what network traffic looks like when all three proxy configurations are set.

Introducing tamper protection for exclusions
One of the most requested features for tamper protection is protection of antivirus exclusions. With that in mind, the Microsoft Defender team has implemented new functionality that allows exclusions (path, process, and extension) to be protected when deployed with Intune.

Detecting and remediating command and control attacks at the network layer
Microsoft Defender for Endpoint helps SecOps teams detect network C2 attacks earlier in the attack chain, minimize the spread by rapidly blocking any further attack propagation, and reduce the time it takes to mitigate by easily removing malicious binaries.