Managing Microsoft Defender for Endpoint

Introduction

Follow this article to configure a custom policy for Microsoft Defender for Endpoint (MDE). We've broken down the setup into six steps:

  1. Access the Blackpoint Add-Ons Portal
  2. Select the customer
  3. Open MS Defender Policies
  4. Add New Policy
  5. Configure Policy
  6. Assign Policy to Tenant Domains

Prerequisites

  • Be subscribed to the Blackpoint Response plan. If you are currently subscribed to individual products, you must sign in to the Blackpoint Partner Portal and convert the service to Blackpoint Response.
  • Have devices onboarded to Microsoft Defender for Endpoint through one of the supported Deployment Methods - Learn More
  • Activate the Microsoft Defender for Endpoint Integration for the customer in the Blackpoint Add-Ons Portal - Learn More

Instructions

  1. From the Blackpoint Partner Portal, navigate to the Blackpoint Add-Ons Portal. 
  2. From the customer switcher, select a customer that has Microsoft Defender for Endpoint connected from the prerequisites above. 
  3. Select MS Defender Policies from the left menu bar. A list of Policies will be displayed. 
  4. A default policy is added and managed by Blackpoint with best practices defined by our Adversary Pursuit Group (APG). Click Edit to review the policy or click Add Policy to create your own. 
  5. On the Settings tab, adjust the options to your meet your preferences. For more information on these settings, see this Microsoft KB article.
     
  6. On the Assigned Tenant Domains tab, select the domains this policy should apply from the drop-down, then click Add to Policy. If a tenant should not be included in this policy, remove it from the list by clicking the Remove button. 

If you need any more information, please reach out to your Partner Success Manager.