Understanding Endpoint Detection and Response

Previously covered features, such as next-generation protection and attack surface reduction (ASR), are primarily used for threat prevention, which, though tremendously valuable to an organization’s security posture, are not a guarantee against a security breach. Properly motivated bad actors will inevitably find a weak spot in your defenses. Whether it’s a user that clicks a link, a zero-day (as yet undisclosed) exploit, a new evasion technique, or even just poor configuration choices… something will eventually get through (it’s not a question of if, but when). The adage that one should assume a breach still rings true, and for that reason, organizations need a robust way to detect suspicious ...

Get Microsoft Defender for Endpoint in Depth now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.