It is helpful video, cheer!! but I have some issue on my branch offices with onboard by GPO... it seems client computers can't run WindowsDefenderATPOnboardingScript.cmd has block on UNC path file.. have you faced issue like this ?

Hello can you help me which policy will block the fido2 key to use on the device

Thank you very much for the excellent explanation it was just what I needed Greetings from Argentina.

isnt the onboarding script the same for each OS? The only differences is the msi file that is needed for 2012 and 2016. Awesome Video by the way!

Thanks Jackson, you've gained a subscriber. I like watching videos like this before digging into the MS documentation as it makes it a bit easier to understand.

how to create admin account using this method but without the password?

always very good

The stages involved in Microsoft Defender antivirus health report include real-time intelligence from the Intelligent Security Graph, stopping threats based on behaviors and process trees, running different types of scans, checking for issues with Windows update, storage capacity, and device drivers, and providing continuous antivirus and anti-phishing scans. This helps in identifying and resolving problems by detecting malware based on abnormal behavior, showing scan results, quarantining threats, and offering solutions to resolve detected issues.

The stages involved in Microsoft Defender antivirus health report include real-time intelligence from the Intelligent Security Graph, stopping threats based on behaviors and process trees, identifying and blocking malware based on abnormal behavior, running different types of scans, viewing scan results, managing device performance and health, and accessing device inventory. This helps in identifying and resolving problems by providing continuous antivirus and anti-phishing scans, alerting if malicious apps are found, offering solutions to detected issues, and allowing users to take actions such as starting scans, locating devices, and wiping devices for better security and protection.

Good course and good video. in our organization we need to implement this process and i will try it for one of the key to see if everything is good. thanks for this video

Is there any significance of different colors for same tags ? Eg: Win-10 here. Also, I read that there is only 1 device tag(i.e GROUP) that can be configured from registry. Any rationale behind this ?

It is amazing! Thank you so much. I am looking forward to seeing more content about alerts, incidents and investigations.. Could you provide as well some content about Email Security?

great video❤

Will this work for only enabling discovery on a select set of devices?

Thanks for the video, is there a video for migration from 3rd party AV to defender for endpoint on Linux Server!

U literally saved my life

i am unable to install defender agent getting error on all windows 2012R2 servers 2012 R2 - MpAsDesc.dll 310

Thank you for your work. May god bless you.

Thanks for the detailed GPO configuration. Can I download an export of the GPO you showed? or can you share an export of the GPO you showed? There are a lot of settings and some you unfortunately skipped. Other question, ever deployed your specific GPO in a real production environment & what was the outcome aka is it safe to deploy?

Awesome video!!

Thank for the info.

Amazing video, thank you

does this work if you don't have an intune license

Many thanks - very helpful

To Identifying ASR Recommendations You can also filter recommendations by "Category" and choose "Attack Surface Reduction".

fantastic

all your videos are superb and easy to understand. Please keep posting your new videos. Thanks so far for all your efforts and really appreciated :)

Very good and simple to understand ... Thanks :)

Olá Jackson, eu sou um estudante da escola municipal de ensino fundamental Rotermund, cujo você estudou durante sua infância e deu uma palestra nesse dia 14, depois de conversar com meu pai ele te reconheceu, o nome dele é Márcio Radtke Trentini, ele trabalhou e morou com você durante um ano em 1991. Justamente por me interessar muito pela informática, eu agradeço muito por uma palestra como a que você fez, que me inspira muito a seguir nessa área.

Can it detect if you're connecting with a VPN address?

Dear Jack where can i get your complete course on MDE with continuous sessions . Please help me

Hello and grating , thank you for your very great video I have a question please from the beginning from where you have the windows inside intune that you on-boarded win10-26 it was not on-boarded but you can find it inside intune does it a member of azure or it s vm in your laptop? and how you find it in your intune portal

I do appreciate all the videos you uploded. Great help!

Very nice tutorial.

Can’t hear you!

Great effort with these, thanks for the videos! The numbering is somewhat confusing. If we just watch the playlist are we getting all the videos or are some missing?

Hi Jackson, Thank you very much for taking the time out to make this video. I'm so happy I came across this Video. I have been able to create another KQL query that would work for various sections of my organization. It allowed me find devices with different IP addresses running on Windows OS. However, I still have one unclear part. On what device do I run the Powershell script? Is it on the cloud active directory DC, the on premises DC, or just any device in the organization with MDE installed? I have been stuck on this part for a couple hours. I would really love it if you could write back. Regards,

Amazing! Straight and to the point, just what I was looking for! I'm subscribed! While user was created, do you know why the status might be "Error" and error code "-2016281112" for both the LUG and Password when I assign it to a group of Users for each of user's machines? Should it be assigned to devices instead?

*promosm*

I ran into an issue with the api limits. Max 100 tags per minute and 1500 per hour. Running the logic app every 4-5 minutes with "| take 100" at the end of the query limits it to only do 100 tags each time and seems to have fixed most of my issues. It was more of a temporary issue as the automatic tagging i do normally wont include that many devices. But this was for a large group of newly onboarded ones.

Great stuff, and thanks for sharing your knowledge! Can you please check if all videos are available? I dont see the video 2.2, and from 6.3 jumps to 8 and skips chapter 7. Once again, thank you!

Great video. Let’s say you start a pilot deployment for Windows servers. Which servers would you add first without having issues and which servers should I be careful with?

please let throw some lights on defender portal capabilities, prerequisites, how to enroll. advantages of defender compare other antivirus, how to enable antivirus and defender on computers, advantage of deploying defender updates, other capabilities related to end point, Intune defender capabilities, prerequisites

Great video, thanks for posting

Please clarify why we required sentinel to isolate, if there is any malware found defender has capability to identify and isolate the device right

Thank you Jackson! You helped me out with this tutorial.

How would one accomplish this for MacOS that is enrolled in Intune?

What if I dont want to fully isolate the endpoint I want users to have the option to communicate via teams & outlook but rest everything blocked As this option is available when we do manual isolation from defender portal Which action should we select for trigger isolation in logic apps

Excellent Videos, Jackson! Quick question - any idea how to onboard MDE devices to Intune?

But, what if we already have a AV solution and you need to uninstall that AV solution before you onboard the MDE for Desktops or Servers, then how would you do that? I am not sure you would see it, but if you do see this question, please do respond. Can you offboard the existing AV solution like SEP or Trend and then use MDE for Windows 10/11 or Servers?