Windows Defender

Version: Windows 10 and Windows Server 2016.

Windows Defender, known as Windows Defender Antivirus in Windows 10 (Creators Update) and later, is an anti-malware component of Microsoft Windows. It has evolved into a full antivirus program, replacing Microsoft Security Essentials as part of Windows 8 and later versions.

Netsurion Open XDR collects the event logs delivered from Windows Defender and filters them for the critical event types used to create reports, dashboards, saved searches and alerts. The event types considered are threat detection, suspicious behavior detection, configuration change and action taken on threats.

Netsurion Open XDR monitors all the Windows Defender events listed below.

  • Security – Threat detected, Action taken on threats, Suspicious behavior detected.
  • Operations – Configuration changes, Windows Defender disabled, Windows Defender signature update failed.

Once Netsurion Open XDR receives the events, Reports, Knowledge Objects, Categories and Dashboards can be configured in it.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.