Exium’s Extended Detection and Response (XDR) offering includes Managed Microsoft Defender, a solution designed to enhance the security capabilities of Managed Service Providers (MSPs) and their small to midsize business (SMB) clients. By integrating seamlessly with built-in Microsoft Defender Antivirus, this solution provides enhanced visibility and management of malware threats detected within Windows environments.
| | Key Features and Benefits |
|---|---|
| 1 | Leverage Existing Investments: By utilizing Managed Microsoft Defender, MSPs can maximize existing investments in Microsoft Defender while extending protection through Exium’s robust security infrastructure. This allows for enhanced front-line protection, crucial in today’s cyber risk landscape. |
| 2 | Enhanced Malware Visibility and Management: Managed Microsoft Defender, an integral part of Exium’s XDR, capitalizes on Windows Defender's anti-malware capabilities, offering comprehensive insight into detected threats. |
| 3 | Comprehensive Security for SMBs: Effective antivirus solutions remain critical, especially for SMBs increasingly targeted by cybercriminals. Managed Microsoft Defender, in conjunction with Exium XDR, leverages Microsoft Defender Antivirus—an often underutilized security feature within Windows OS—to bolster virus protection while also offering improved cost-efficiency for businesses. |
| 4 | Centralized Management and Monitoring: With multi-tenant support through the Exium dashboard, Managed Microsoft Defender allows for streamlined management of endpoint security. Key capabilities include: |

1. Logging into the XDR Console: Begin by logging into your XDR360 console with your credentials. For guidance, please refer to the section titled "Unlocking the XDR Platform."
2. Navigating to Threat Hunting: After logging in, click on the menu icon (three horizontal lines or "hamburger icon") to access the navigation menu.
3. Filtering Alerts: Filter for "Level 12 or above" alerts by clicking on the alert count, as demonstrated in the accompanying screenshot.
4. Reviewing Events: Scroll down to locate events labeled “Microsoft Defender Antivirus has detected malware or other potentially unwanted software.”
5. Viewing Event Details: Click on the arrow at the left side of the event entry, as indicated in the example screenshot, to open detailed information. For instance, in the example provided, an attempt was made to download the "EICAR_Test_File," which was promptly removed by Microsoft Defender, triggering an alert. In this scenario, no further action is necessary since the malicious file was successfully removed.

To evaluate Managed Microsoft Defender, we will attempt to download an EICAR file. The EICAR Anti-Virus Test File is a file specifically designed by the European Institute for Computer Antivirus Research (EICAR) and the Computer Antivirus Research Organization (CARO) to assess antivirus software responses. It offers a safe way to test antivirus effectiveness without the risks associated with real malware.
Please follow the steps outlined below:
1. Visit the EICAR Website: Begin by navigating to the official EICAR Website.
2. Locate the Download Section: Scroll down to the "Download" section, as shown in the accompanying screenshot.
3. Download a Test File: Select any of the available test files and click “Download,” then choose “Save” when prompted.
4. Observe Defender's Response: Microsoft Defender will automatically remove the test file upon download.
5. Review Alerts: Return to the Managed Microsoft Defender dashboards to view the generated alerts, as described in the previous sections.
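
A local check to pair with the steps above, added here as an example and not part of Exium's documentation: it reads the endpoint's own Defender log to confirm the EICAR detection was recorded, which helps separate "Defender did not detect" from "the alert did not reach the console." Event IDs 1116 (detection) and 1117 (action taken) are the standard Microsoft Defender Antivirus event IDs; the 30-minute look-back window and the elevated session are assumptions.

```powershell
# Added example: confirm locally that Defender logged the EICAR detection.
# Assumption: run in an elevated PowerShell session on the test endpoint.
$log   = 'Microsoft-Windows-Windows Defender/Operational'
$since = (Get-Date).AddMinutes(-30)   # look-back window (assumed value)

# 1116 = malware detected, 1117 = action taken on the detection
$events = Get-WinEvent -FilterHashtable @{
    LogName   = $log
    Id        = 1116, 1117
    StartTime = $since
} -ErrorAction SilentlyContinue

if (-not $events) {
    Write-Warning "No Defender detection events since $since. Check that real-time protection is on."
    return
}

$rows = foreach ($e in $events) {
    # Event fields are named <Data Name="..."> elements in the event XML
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time     = $e.TimeCreated
        EventId  = $e.Id
        Threat   = $data['Threat Name']
        Severity = $data['Severity Name']
        Action   = $data['Action Name']
        Path     = $data['Path']
    }
}

$rows | Sort-Object Time | Format-Table -AutoSize -Wrap

# A detection (1116) with no matching action event (1117) deserves a closer look
$detected = $rows | Where-Object EventId -eq 1116 | Select-Object -ExpandProperty Threat -Unique
$actioned = $rows | Where-Object EventId -eq 1117 | Select-Object -ExpandProperty Threat -Unique
$detected | Where-Object { $_ -notin $actioned } | ForEach-Object {
    Write-Warning "Detected but no action event logged yet: $_"
}
```

If the events appear here but no alert shows in the console, the gap is in event forwarding from the endpoint rather than in Defender itself.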
To learn more about implementing SASE and XDR for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.