May 27th, 2025
LimaCharlie Leaps Ahead With Endpoint Protection

Daniel Ballmer

The newest extension to LimaCharlie’s SecOps Cloud Platform (SCP) offers users advanced control over Windows endpoint protection at scale. This powerful new capability allows security service providers to easily manage free instances of Microsoft Defender Antivirus (previously Windows Defender) on all Windows endpoints through a single unified interface.
Key Capabilities
This extension is simple to enable, requires no additional integrations, and immediately provides three powerful capabilities to users:
Defender Check: Instantly query Windows machines to verify the presence of an active Defender instance. Easily identify any unprotected workstations across tenants
Defender Alerts: Receive important telemetry from Windows Defender at wire speed. Receive notifications immediately if Windows Defender detects a problem
Remote AV Scan: Initiate Defender AV scans on Windows endpoints. Perform scans ad-hoc or use the SCP to automate them to occur at regular intervals.
Strategic Benefits
The new extension delivers significant operational advantages:
Centralized Management: Control Defender across all your endpoints from a single interface
Robust Telemetry Collection: Gather comprehensive endpoint security data
Rapid Event Detection: Identify potential threats in your environments
Powerful Automation Opportunities: Schedule scans or created automated responses
The SCP also creates a starter set of detection and response (D&R) rules that extend beyond simple alerting. These rules can be further customized to meet the broader security needs of your environment(s).
Getting Started with Endpoint Protection
Enabling enterprise and cross-tenant endpoint protection has never been so simple. Read more about enabling the new Endpoint Protection extension in our documentation. If you’re new to LimaCharlie, try it for free or book a demo with our solutions engineers.