Advanced Hunting along with a Custom Detection Rule

By Windows Server
February 5 in Windows Servers

https://windowsbb.com/topic/568505-advanced-hunting-along-with-a-custom-detection-rule/

Followers 0

Recommended Posts

Windows Server

Posted February 5

Good afternoon,

I need some help setting up a KQL query in Advanced Hunting along with a Custom Detection Rule to automatically isolate devices where a virus or ransomware is detected. The rule must run at NRT (Near Real-Time) frequency.

We are using Microsoft Defender for Business, which is included in the Microsoft 365 Business Premium license.

Would any kind community member be able to provide me with a starting point for this?

Thank you in advance!

View the full article

Quote

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

https://windowsbb.com/topic/568505-advanced-hunting-along-with-a-custom-detection-rule/

Followers 0

Go to topic listing

Sign In

Advanced Hunting along with a Custom Detection Rule

Recommended Posts

Windows Server

Join the conversation

Browse

Activity