Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: Windows 10 and Windows Server 2016.
Windows Defender is known as Windows Defender antivirus in Windows 10 (Creators update) and later, is an anti-malware component of Microsoft Windows. It has evolved into a full antivirus program, replacing Microsoft Security Essentials as a part of Windows 8 and later versions.
Netsurion collects the event logs delivered from Windows Defender and filters them out to get some critical event types for creating a report, dashboard, saved searches and alerts. Among the event types, we are considering: Threat detection, Suspicious behavior detection, Configuration change and action taken on threats.
Netsurion monitors all the Windows Defender events which are given as below.
Once events are received into Netsurion, Reports, Knowledge Objects, Categories and Dashboards can be configured into Netsurion.
Some of the Data Source Integrations available in Netsurion are listed below.
The configuration details are consistent with Netsurion version 9.X and later, and Windows Defender Windows 10 and Windows server 2016.
Download Integration Guide and How-to Guide for more information and to configuration instructions.