I turned on the Endpoint Protection extension and it is pretty noisy. Does anyone know of work that has been done to parse out the Settings Changes that are worthy of investigation versus UX, feature changes, scan state changes, etc.?
1 Like
I haven’t found the definitive source on Windows Defender Operational Logs, but I did find this site that helps parse through some scenarios worth investigating: ETW - Windows Defender | artifacts.help
1 Like