Microsoft Defender for Endpoint: a deep dive into its best-kept secrets

Microsoft Defender for Endpoint (formerly Defender ATP) is leading the pack when it comes to Endpoint Security. Consistently outperforming the competition, and ever-evolving, there’s never been a better time to look at how it can be used to enhance your security defences.

Join Transparity as we take you on a journey through Microsoft Defender for Endpoint, showcasing some of its best hidden features and answering some of your questions on how you can maximise value, effectiveness, and most importantly, the protection of your infrastructure with Defender for Endpoint.


  • 10:00  Introductions and overview of Transparity
  • 10:15  An overview of Defender for Endpoint
    • Defender for Endpoint vs. Defender Antivirus: what’s the difference?
    • Core functionality of MDE, and why we feel it’s an essential part of the defence story
    • MDE Licensing
  • 10:25  Automated Response Capabilities
    • How does MDE help you day to day through automation of investigation and response?
  • 10:35 Live Response analysis and forensics
    • A real-time investigation and post-event analysis deep-dive
    • What’s possible and why does it matter?
  • 10:45  EDR Block Mode capabilities
  • 10:55  The benefits of using Tamper Protect and how to enable it
  • 11:00  Enriching data by integrating with other Microsoft security products
    • An overview of some of the integrations that are available, including Sentinel, MCAS, Secure Score and more
  • 11:15  Q&A and close
Skip to content