Automate - Security Management - Defender for Endpoint Actions#

Dashboard for Defender for Endpoint actions - endpoint management

Links

Incident and Alert Actions
explore View Incidents
add_alertView Alerts
Device Actions
computer View Devices
listView and Manage Machine Actions
filter_9_plus Bulk Actions
scanner Initiate Scan on Device(s)
compare_arrows Manage Isolation of Device(s)
remove_circle Offboard Device(s)
code Manage code execution on device(s)
get_app Collect investigation from device(s)
stop Stop and Quarantine File on device(s)

Charts

CHARTS
TitleTypeResourceDescription
Device Count by Exposure chart-pie Defender Devices Count of machines by exposure level
Device Count by Status chart-pie Defender Devices Count of machine actions by type of action
Action Count by Type chart-pie Defender Actions Count of machine actions by type of action

Tables

TABLES
TitleResourceFieldsDrill-down
Action Counts by machine - Top 10 Defender Actions Machine DNS Name
drilldown-modelType: device/mssecurity/MachineAction