LimaCharlie Leaps Ahead With Endpoint Protection

The newest extension to LimaCharlie’s SecOps Cloud Platform (SCP) offers users advanced control over Windows endpoint protection at scale. This powerful new capability allows security service providers to easily manage free instances of Microsoft Defender Antivirus (previously Windows Defender) on all Windows endpoints through a single unified interface.

Key Capabilities

This extension is simple to enable, requires no additional integrations, and immediately provides three powerful capabilities to users:

Defender Check: Instantly query Windows machines to verify the presence of an active Defender instance. Easily identify any unprotected workstations across tenants

Defender Alerts: Receive important telemetry from Windows Defender at wire speed. Receive notifications immediately if Windows Defender detects a problem 

Remote AV Scan: Initiate Defender AV scans on Windows endpoints. Perform scans ad-hoc or use the SCP to automate them to occur at regular intervals.

Strategic Benefits

The new extension delivers significant operational advantages: 

• Centralized Management: Control Defender across all your endpoints from a single interface

• Robust Telemetry Collection: Gather comprehensive endpoint security data

• Rapid Event Detection: Identify potential threats in your environments

• Powerful Automation Opportunities: Schedule scans or created automated responses

The SCP also creates a starter set of detection and response (D&R) rules that extend beyond simple alerting. These rules can be further customized to meet the broader security needs of your environment(s).

Getting Started with Endpoint Protection

Enabling enterprise and cross-tenant endpoint protection has never been so simple. Read more about enabling the new Endpoint Protection extension in our documentation. If you’re new to LimaCharlie, try it for free or book a demo with our solutions engineers.