Recent DiscussionsMost RecentNewest TopicsMost LikesSolutionsTagged:TagRe: Which licenses do i need? binza999Its per user. See here - Microsoft 365 E5 | Advanced Security 365 | Microsoft Re: Which licenses do i need? binza999To see the options for licensing from Microsoft 365 compliance features, download theMicrosoft 365 Comparison table. Re: What Logs To Monitor For Initial Sentinel OnboardI would start with the free connectors first - - Azure Active Directory Identity Protection - Alerts - Azure Activity - Azure Defender - Alerts - Microsoft Cloud App Security - Alerts - Microsoft Defender for Endpoint - Alerts - Microsoft Defender for Office - Alerts - Office 365 Activity - Admin and audit logs (SharePoint, Exchange, OneDrive, Teams) If you use the paid connectors next, use this query to keep track and stay under budget: //Billable data volume by data type Usage | where TimeGenerated > ago(32d) | where StartTime >= startofday(ago(31d)) and EndTime < startofday(now()) | where IsBillable == true | summarize BillableDataGB = sum(Quantity) / 1000. by bin(StartTime, 1d), DataType | render barchart
Recent Blog ArticlesMost RecentMost LikesRe: Fixing Mobile Devices in Non-Compliant Status – MEM SurajMalusare_8758Yes it is correct. Thanks. Fixing Mobile Devices in Non-Compliant Status – MEM In this blog, we will fix mobile devices in non-compliant status in MEM. Re: Application Guard Deployment by MECM ThanksJamesvandenBerg! Always a pleasure. Application Guard Deployment by MECM In this blog,we will go through the correct configuration/deployment of App Guard for MECM. STIGing Made Easy - Microsoft Endpoint Manager Learn about the new Group Policy Analytics for your GPO baselines or STIGs when moving to the cloud in MEM. Attack Surface Reduction Rules - Warn Mode with MEM/M365 Defender Learn about the new "Warn Mode" for Attack Surface Reduction Rules and creating the profile in Microsoft Endpoint Manager. Re: MBAM Server Migration To Microsoft Endpoint Manager Excellent article on MBAM integration! Microsoft 365 Defender – Investigating an Incident In this blog I will go over investigating an incident in Microsoft 365 Defender using the new unified portal. Microsoft 365 Defender Incident Overview In this blog I will go over the Microsoft 365 Defender Security Portaland go into detail of the incident overviewand explain each filtersetting to further your investigation. Customer Offerings:Device Protection w/ Microsoft Endpoint Manager & Microsoft Defender for Endpoint This new workshop introduces configuration deployment in a lab usingMicrosoft Endpoint Manager for Microsoft Defender for Endpoint.
MicrosoftMicrosoftMicrosoftMicrosoft
