Antimalware solutions such as SCEP (System Center Endpoint Protection) and Windows Defender provide PowerShell cmdlets to automate the management of the antimalware solutions.
- [Instructor] SCCM provides in-console monitoring…for us to keep track of our Endpoint Protection clients.…But we can also use PowerShell commandlets…to automate the same type of thing.…In a Windows 7 environment, for instance,…you'll be interested in the MpProvider PowerShell module,…which will only exist…if you've installed the Endpoint Protection client.…Using that module, the commandlets…to work with anti-malware are exposed.…In Windows 10, the module is Defender.…So what can we do then with PowerShell commandlets?…We can retrieve our Endpoint configuration settings…on the device.…
We can start a malware scan.…We could retrieve or remove detected threats,…and interestingly, with PowerShell, we can also use…remote connectivity to run these kind of commandlets,…not on one machine, the same local machine, but rather…remote machines in the hundreds or even the thousands.…Here on Windows 7 in the PowerShell ISE,…I'm working with a script I've created called…Endpoint_PowerShell_Cmdlets.ps1,…and line one is importing the MpProvider module…
Author
Daniel Lachance
Released
5/12/2017- Malware types
- Getting Endpoint Protection up and running
- Deploying the SCEP Windows client
- Removing malware on a SCEP client
- Configuring custom policies
- Planning an update strategy
- Windows firewall settings
- Using PowerShell cmdlets for monitoring
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 12s
-
What you should know1m 13s
-
-
1. Defining Malware Types
-
Social engineering3m 10s
-
Spyware and adware2m 56s
-
Phishing and ransomware5m 32s
-
-
2 Getting Endpoint Protection Up and Running
-
Server requirements5m 5s
-
Supported clients5m 27s
-
-
3. Endpoint Protection Policies
-
Hardening4m 13s
-
Default policy4m 33s
-
Policy settings5m 25s
-
Configure custom policies3m 51s
-
Plan an update strategy5m 3s
-
Windows firewall settings3m 54s
-
-
4. Monitoring Endpoint Protection
-
In-console monitoring5m 44s
-
Client logs and WMI queries5m 11s
-
Alerts and subscriptions4m 36s
-
Reports7m 45s
-
-
Conclusion
-
Next steps1m 11s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Using PowerShell cmdlets for monitoring