
6.2 Ransomware attack investigation, MDE from Zero to Hero 

Jackson Felden - Cloud and Security

Welcome to Microsoft Defender for Endpoint from Zero to Hero, Module 6.2 - Ransomware attack investigation.
Today ransomware attacks represent a real threat to organizations in every industry, regardless of size or location. Check out the effect of a WannaCry attack on unprotected devices and how Defender for Endpoint works to prevent the attack and provide all the insights related to it.
In this video you will see the following:
1 - Successful WannaCry attack
2 - Prevented WannaCry attack
3 - Alert investigation and actions
**COURSE OUTLINE**
I have plans to record 20+ videos and the course outline is not set in stone. Below are the modules already available and the ones on the horizon:
1. Product Overview - www.youtube.co....
1.1 - Minimum requirements and licensing - • 1.1 Minimum requiremen...
2 - Design & key configuration
2.1 Design: MDE settings deployment - • 2.1 Design: MDE Settin...
2.3 - Design - Best practise for full scan - • 2.3 - Design - Best pr...
2.10 Device tag overview - • 2.10 Device tag overvi...
2.11 Deploying device tag via portal, GPO and Intune - • 2.11 Deploying device ...
2.12 - Device auto-tagging via Logic Apps - • 2.12 Device auto-taggi...
3 - MDE deployment
3.1 - Initial setup and advanced settings - • 3.1 Initial setup and ...
3.2 - Deploying settings via MEM - • 3.2 Deploying AV sett...
3.3 - Deploying settings via GPO - • 3.3 Deploying AV setti...
4 - Onboarding
4.1 - Onboarding overview - • 4.1 Onboarding overvie...
4.2 - Onboarding via GPO and local script - • 4.2 Onboarding via GPO...
4.3 - Onboarding via Microsoft Endpoint Manager - • 4.3 Onboarding via MEM...
4.4 - Onboarding via helper script - • 4.4 Onboarding via hel...
4.5 - Auto Onboarding via Defender for Cloud
5 - Migration from 3rd party solution - • 5 .1 Migration from 3r...
6 - Monitoring
6.1 - Alerts and incidents management - • 6.1 Alerts & incidents...
6.2 - Ransomware attack investigation - • 6.2 Ransomware attack ...
6.3 - Dealing with Ransomware via Sentinel automation - • 6.3 Dealing with Ranso...
7 - Integration with SIEM (Security Information and Event Management)
8 - Troubleshooting
8.1 - Troubleshooting mode deep dive - • 8.1 Troubleshooting mo...
8.2 - Troubleshooting PowerShell output issue - • 8.2 Troubleshooting Po...
My Microsoft Defender for Endpoint - From Zero to Hero playlist can be accessed from
• Introducing my Defende...
Please consider subscribing to my channel for the latest updates and upcoming modules.
Thanks for supporting this project, I hope you enjoy and learn a lot
Thanks for watching
Jackson Felden
#MicrosoftDefenderForEndpoint #MDE #CyberSecurity #ransomware #wannacry

Published: 6 Sep 2024

Comments: 2
@RichardGailey 1 year ago
Awesome video again Jackson. Many thanks for creating this for us.
@kendimce3309 5 months ago
It is amazing! Thank you so much. I am looking forward to seeing more content about alerts, incidents and investigations. Could you provide as well some content about Email Security?