Microsoft Windows Defender Health Analysis

The CyberCyte portal can analyse Windows Defender health state. For activating this module, please follow these steps below:

Please navigate to "Rules & Policies" -> "Policy Management" -> Click on the "Microsoft Defender Health Analysis Policy" policy.
Users can configure the policy with paremeters as company requirements. Also, users can assign the policy with default parameters.

Parameters

Descriptions

Assigned Groups

The groups for assigning the policy.

Collection Interval

The interval for data collection.

Enable Signature Update

The option for enabling the signature update.

Perform Quick Scan

The optiion for enabling quick scan.

Quick Scan Interval (Hours)

The interval for quick scanning.

Perform Full Scan

The option for enabling full scan.

Full Scan Interval (Hours)

The interval for full scanning.

Enable All Modules If Not Running

The option for enabling all the modules if they are not running.

Enable Mandatory Modules If Not Running

The option for enabling the mandatory modules if they are not running.

Custom Command

The field for defining a custom command.

Initialization Script

The field for defining a initialization script.

Execute MDE Client Analyzer

The option for executing the MDE client analyzer.

MDE Client analyzer Run Interval (Hours)

The run interval for MDE client analyzer.

Maintenance Intervals

The time intervals for maintenance.

After assigning the policy, please navigate to "Threat Hunting" -> "Analysis & Investigation" -> "Microsoft Defender Analysis". The users can see the results on the grid and analyze.

Last updated 4 months ago

Was this helpful?