Sascha StumplerI built a browser-based editor (with the help of Claude) for authoring macOS Defender for Endpoint USB Device Control policies - no more hand-editing JSON inside XML. Full walkthrough in the article.
Bluewall 
Update ๐งต
Rules ARE active, Event ID 1121 confirms blocking (WmiPrvSE โ HPFirmwareInstaller blocked, LSASS protection firing daily).
But Get-MpPreference returns empty, registry key missing. TVM can't detect them โ Secure Score stuck at 22/22 exposed.
Anyone seen this before? #MDE #Intune #DefenderForEndpoint
Rules ARE active, Event ID 1121 confirms blocking (WmiPrvSE โ HPFirmwareInstaller blocked, LSASS protection firing daily).
But Get-MpPreference returns empty, registry key missing. TVM can't detect them โ Secure Score stuck at 22/22 exposed.
Anyone seen this before? #MDE #Intune #DefenderForEndpoint
Tedi HeriyantoMicrosoft Defender for Endpoint Deep Dive
- Part 1: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-deep?r=6h4qin
- Part 2: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-part
- Part 3: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-part-14d
- Part 4: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-part-dc3
- Part 5: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-part-8bb
- Part 6: https://cyberboo.substack.com/p/microsoft-defender-for-endpoint-part-259
EMS RouteDevice Risk Meets Conditional Access: The Real Power of Unified Endpoint Security
Device compliance is one of the things that should be on top of the list of any organization's Cybersecurity activities. This enforces the next steps that can be taken by the device management solution from reporting to block access to resources immediately if the configured device policies are not meeting a certain standard. For an example, take Windows OS level. If you don't have a marker to understand the devices that doesn't meet the minimum OS levels and the next steps of restricting [โฆ]https://emsroute.com/2025/10/28/device-compliance-policy-mde/
Brian Baldock๐ก Think your disconnected environment canโt use AI-driven protection? Think again.
With Microsoftโs Streamlined Connectivity, enabling Defender for Endpoint in restricted networks has never been easier. Proxies make it possibleโhereโs how to do it right: https://blog.brianbaldock.net/mde-proxies-2025
#CyberSecurity #DefenderForEndpoint #XDR
With Microsoftโs Streamlined Connectivity, enabling Defender for Endpoint in restricted networks has never been easier. Proxies make it possibleโhereโs how to do it right: https://blog.brianbaldock.net/mde-proxies-2025
#CyberSecurity #DefenderForEndpoint #XDR
Nicola FerriniSecurity Management Features di Defender for Endpoint per i Domain Controllers (in Preview)!
#CyberSecurity #DefenderForEndpoint #DomainControllers #SecurityManagement #ICTPower
AzureTracksTake advantage of Microsoft Defender for Endpoint to defend against advanced threats targeting your endpoints, including malware, ransomware, and sophisticated attacks. #DefenderForEndpoint #EndpointSecurity
kurtshComprehensive guidance for the Defender community on MDE's capabilities so you know exactly what's available
The v6 update has 15 changes, including:
โข New ASR capabilities
โข New Defender antivirus capabilities
โข New device response actions
โข Much more!
Ultimate Comparison of Defender for Endpoint Features by OS - Ru Campbell MVP
https://campbell.scot/feb-2024-ultimate-comparison-of-defender-for-endpoint-features-by-os/
#microsoftdefender #defender #mde #m365 #microsoft365 #defenderforendpoint #edr #xdr #microsoft #blueteam #azure
[Updated Feb 2024] Ultimate Comparison of Defender for Endpoint Features by OS - Ru Campbell MVP
Finally, itโs time for a refresh. Itโs been a while! Due to personal circumstances, I havenโt been able to keep the Ultimate Comparison of MDE by OS updated. Iโve had time to dive into the changes since v5 and itโs really been amazing to see MDE grow in scope. What is MDE and why do we need an โultimate comparisonโ? Microsoft Defender for Endpoint (MDE) is a massive stack of endpoint protection and endpointโฆ
F0rm4t๐๐ซ๐จ๐ญ๐๐๐ญ ๐ฎ๐ง๐ฆ๐๐ง๐๐ ๐๐ ๐จ๐ซ 3๐ซ๐ ๐ฉ๐๐ซ๐ญ๐ฒ ๐๐๐ ๐ฆ๐๐ง๐๐ ๐๐ ๐ข๐๐/๐๐ง๐๐ซ๐จ๐ข๐ ๐๐๐ฏ๐ข๐๐๐ฌ ๐ฐ๐ข๐ญ๐ก ๐๐๐
In this blog post, you will learn how to protect unmanaged (personal) or 3rd party MDM managed iOS and Android devices with Microsoft Defender for Endpoint as your Mobile Threat Defense (MTD) solution.
The solution leverages Intuneโs App Protection Policies aka MAM to enforce Device Protection with MDE regardless of the device enrollment state.
#mde #defender #defenderforendpoint #mtd #mobile #mobileprotection #mobilerhreatdefence #edr #xdr #microsoft #microsoftsecurity #soc #intune #mdm #mam #byod #ios #android #cloudnative
Free training for Microsoft Defender for Endpoint, Microsoft's industry leading XDR solution:
"Become a Microsoft Defender for Endpoint Ninja"
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/become-a-microsoft-defender-for-endpoint-ninja/ba-p/1515647
Documentation: "Microsoft Defender for Endpoint"
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/?view=o365-worldwide
#microsoft #msftadvocate #ninjatraining #defender #mde #defenderforendpoint
