Defender – Blog by Morten Knudsen about Microsoft Security, Azure, M365 & Automation

Automate Reporting of Defender for Cloud recommendations & Role Assignments with 35 different views

23/04/202301/02/2023 by Morten Knudsen

Background Recently, I was asked to build a simple reporting-script, which integrates data from Microsoft Defender for Cloud and Azure …

How to implement a gradual (ring) rollout-process for Microsoft Defender updates

18/03/202315/01/2023 by Morten Knudsen

It is important to ensure that your security posture systems are up-to-date to be able to prevent attacks. Microsoft Defender …

Microsoft Defender Antivirus Performance Analyzer – understand which files, file extensions, or processes that might be causing performance issues on endpoints during antivirus realtime protection scans

28/12/202228/12/2022 by Morten Knudsen

Have you ever wondered what is causing your ‘Antimalware service executable’ (Defender Antivirus) to spike the CPU for longer times? …

How to detect impacted files by Controlled Folder Access and Attack Surface Reduction rules using Advanced Hunting queries ?

13/01/202324/12/2022 by Morten Knudsen

CONTROLLED FOLDER ACCESS RULES ControlledFolderAccess – All excluding Temp ControlledFolderAccess – Only Temp ATTACK SURFACE REDUCTION RULES ASR – All …