Defender Implementation, Tuning, and Testing

Security Risk Advisors (SRA) will work with customer's team to deploy Windows Endpoint Defender to Windows workstations and servers. SRA will enable baseline configurations and features including network discovery, anti-virus, real-time protection, behavioral monitoring, potentially unwanted applications protection, and cloud protection. Following the successful implementation of the baseline Defender controls, SRA will continue with implementation of Defender features that may require additional testing and caution before moving intro production: attack surface reduction (ASR), exploit protection, controlled folder access, custom detection rules, tamper protection, endpoint hardening, and SIEM integration. Throughout the plan, SRA will assist customer in developing and executing a migration plan to safely transition off existing software and infrastructure. SRA will create documentation for any new security controls or processes that are introduced as part of this engagement. SRA will also provide knowledge transfer/training sessions for customer teams and/or third parties who will be responsible for the maintenance and operations of security controls, configurations, or processes implemented during the engagement. Following the technical implementation, SRA will create a concise roadmap outlining deployment options as well as recommendations for further enhancements to improve overall Defender capabilities.