Perform device investigations in Microsoft Defender for Endpoint
Microsoft Defender for Endpoint provides detailed device information, including forensics information. Learn about information available to you through Microsoft Defender for Endpoint that aids in your investigations.
Learning objectives
Upon completion of this module, the learner is able to:
- Use the device page in Microsoft Defender for Endpoint
- Describe device forensics information collected by Microsoft Defender for Endpoint
- Describe behavioral blocking by Microsoft Defender for Endpoint
Prerequisites
Intermediate understanding of Windows 10.