Overview:
This hands-on workshop walks participants through the complete setup and configuration process for Microsoft Defender for Business - from initial tenant activation to advanced policy tuning.
Attendees will follow step-by-step guidance to onboard devices across Windows, macOS, iOS, and Android platforms, configure next-generation antivirus policies, enable endpoint detection and response, and set up automated investigation workflows. The session also covers attack surface reduction rules, web content filtering, and integration with Microsoft Intune for centralized device management. By the end, attendees will have a fully configured Defender for Business environment ready for production use.
Why you should Attend:
Misconfigured endpoint protection creates a false sense of safety. One unmanaged laptop, weak policy, or missed remediation setting can give ransomware or credential theft the opening it needs.
Areas Covered in the Session:
- Tenant setup, licensing verification, and portal navigation in the Microsoft 365 Defender console
- Device onboarding methods: automatic via Intune, local script, and Group Policy for Windows, macOS, iOS, and Android
- Configuring next-generation antivirus policies: real-time protection, cloud-delivered protection, and scan schedules
- Enabling and tuning Endpoint Detection and Response (EDR) in block mode
- Setting up automated investigation and remediation levels
- Attack surface reduction (ASR) rules: Office macro controls, script blocking, and credential theft protection
- Web content filtering and network protection configuration
- Device groups, role-based access, and security policy assignments
Who Will Benefit:
- IT Administrators
- System Engineers
- Managed Service Providers
- Technical Support Professionals
- Security Administrators Supporting SMB Environments