Endpoint Manager Archives -

person writing on brown wooden table near white ceramic mug

Defender XDR + Intune Continuing Education

Experience continuous learning with our monthly newsletter and teaching webinar on Defender XDR + Intune. Enhance your knowledge and stay up-to-date!

brown and black butterfly on gray rock during daytime

Attack Surface Reduction = Zero Day Protection

Attack Surface Reduction (ASR) rules have expanded to include a full range of zero-day protections. If you aren't using them today or haven't tried to use them recently, then it's time to look again. If you aren't locking down Windows natively then you're missing out on critical security features.

What is Defender Anti-Virus Troubleshooting mode?

The real purpose of Troubleshooting Mode, then is for you to document changes that you need to make to the organizational policy for Defender for the affect machines.

Announcing our Microsoft 365 Newsletter

This newsletter is a curated blog roll of the 8 most important topics published by Microsoft in the previous week.

Peer groups and learning groups for 2024

It was my pleasure to introduce peer groups to Third Tier. In 2024, we're introducing focused learning groups for Defender, Intune, Public speaking and more

Conclusions from reading threat analyst reports

Despite criminal masterminds and "security researchers" always coming up with the next greatest tool for causing financial damage to our businesses and economy, there are patterns.

Ransomware prevention, not defense

Defense implies a reactionary approach. Prevention set the scene where ransomware can't get you in the first place.

How to manage Office updates with Microsoft 365

It's one of the least known and used portal in the entire Microsoft 365 suite. Too bad, because it contains some configuration and automation gems. Let's see how we use it to automate Office updates.

Protect accounting firms from spreading malware via uploaded tax documents

Fortunately, Defender protects against this when configured correctly. In addition to the Defender for Endpoint sensor installation, Attack Surface Reduction rules and certain anti-virus configurations should also be deployed

unrecognizable black colleagues browsing laptop at table with face mask

Avoid PlugX malware

Once these two items have been set the ability of PlugX to take advantage of innocent people should be thwarted.

Disrupting Qakbot

All it took was an email attachment policy, a little hardening of Microsoft Office and the configuration of the built-in anti-virus software

focus photo of yellow paper near trash can

Blocking Fileless malware

It's an Attack Surface Reduction rule and it is exploited in the wild, so it's import to close up this vulnerability to fileless attacks.