Creating Notifications for Possible EDR Evasion in MDATP

Today there is no built-in alerting for when Defender ATP agents fall out of configuration or when something on them is not communicating correctly. This is key to monitor for your operations, as it is fairly simple to evade Defender ATP if you either have admin rights or are able to execute a privilege escalation.