
So I needed something different to operationalise Windows Defender on Azure VMs. There is a Log Analytics solution, but solutions are deprecated and, last time I checked, it required the workspace to be in per-node pricing mode. There is also an integration with the control plane using the antimalwareagent extension, but the level of management it offers is poor to nonexistent.

But it surprises me how many of my customers (all of them) choose Defender over third parties for their Azure VMs, with no coaching or encouragement from me or my colleagues.

Windows Defender is built into Windows Server 2016 and Windows Server 2019.

In this post, I will explain how one can monitor Windows Defender on Azure VMs and create incidents from what it reports.
