I think i found a toggle switch that can turn it back on, but i can't find the associated regkey or anything i could script in order to enable it across the board. Looks like when prevention and quarantine policies were enabled in CS, Defender automatically went passive, and turned off the ability to schedule scans. Figured we might be able to leverage Defender scans to satisfy the audit requirement, but having a surprisingly difficult time getting a scheduled task to run the scans. Apparently the auditors didn't like that answer, so I'm stuck now trying to figure out how we can run "scans" alongside CS. You may not find everything you want if you are extremely security focused. I answered by saying NGAV is constantly monitoring for malicious activity, but it doesn't scan file by file like signature based AV. Yes, Windows Defender is a good basic virus protection software. Has anyone been able to run scheduled Defender AV scans alongside Falcon NGAV? We have been faced with a couple audit questions asking: "Do we "scan" (quotes around scan added by me for emphasis) our environment on a regular basis for malware. A next-generation protection solution that comes with Windows 11, Microsoft Defender Antivirus is real-time, always-on antivirus protection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |