Sunday, September 24, 2023

Administering Windows Defender with PowerShell – SID-500.COM

In this article, I’ll focus on Microsoft Defender. I’ll give you a few examples that you can build on. It’s not about doing great things, it’s about the basics. Let’s jump in.

Microsoft Windows Defender Module

Before we begin, we need information about the Defender module and its cmdlets.

Get-Command -Module Defender

We get a list of all Defender cmdlets.

Let’s pick a few and play with them.

Retrieving Defender Information

Run the cmdlet below to retrieve an overview of your Defender configuration.

A lot of information scrolls across the screen.

Get-MpThreatCatalog is a very useful cmdlet that displays information about the malware signatures the computer is protected against. The second command is more precise and shows only the threat name instead of all information. The third command saves all threat names to a file.

Get-MpThreatCatalog | Select-Object ThreatName
Get-MpThreatCatalog | Select-Object ThreatName | Out-File $home\threats.txt

For example, if you want to show only Trojans, run this command.

Get-MpThreatCatalog | Where-Object ThreatName -like "*Trojan*" | Select-Object ThreatName

Configure Microsoft Defender

What’s most important in Defender? Yes, updating the signatures.

Update-MpSignature -Verbose

To start a scan, run the Start-MpScan cmdlet.

Finally, you can add an exclusion. This exclusion path is not scanned or monitored by Microsoft Windows Defender.

Add-MpPreference -ExclusionPath "C:\Temp"

To get an overview of the configured exclusion paths, run Get-MpPreference and select the ExclusionPath property.

Get-MpPreference | Select-Object ExclusionPath

But it’s nicer this way:

Get-MpPreference | Select-Object -ExpandProperty ExclusionPath

That’s what I wanted to show in this post.
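
Because an excluded path is not scanned or monitored, the list returned by Get-MpPreference is worth reviewing for entries that are too broad. The following is an added example, not code from the original post: the function name Test-DefenderExclusionPath, the list of user-writable locations and the sample paths are assumptions made for illustration.

```powershell
# Added example: review Defender exclusion paths for entries that create broad blind spots.
function Test-DefenderExclusionPath {
    [CmdletBinding()]
    param(
        # Defaults to the live configuration; pass strings to check a list offline.
        [string[]]$Path = @((Get-MpPreference).ExclusionPath)
    )

    # Assumption: locations any local user can usually write to (illustrative, not exhaustive).
    $userWritable = @('C:\Temp', 'C:\Windows\Temp', 'C:\Users\Public')

    foreach ($p in $Path | Where-Object { $_ }) {
        # Resolve %VAR% style entries and drop a trailing backslash before comparing.
        $expanded = [Environment]::ExpandEnvironmentVariables($p).TrimEnd('\')
        $reasons  = @()

        if ($expanded -match '^[A-Za-z]:$') {
            $reasons += 'whole drive excluded'
        }
        if ($expanded -match '[*?]') {
            $reasons += 'wildcard in path'
        }
        foreach ($w in $userWritable) {
            if ($expanded -ieq $w -or $expanded -like "$w\*") {
                $reasons += "inside user-writable location $w"
            }
        }

        [pscustomobject]@{
            ExclusionPath = $p
            Review        = [bool]$reasons
            Reason        = $reasons -join '; '
        }
    }
}

# Constructed sample list; call the function with no arguments to audit the local machine.
$sample = 'C:\Temp', 'D:\', 'C:\Program Files\App\data', 'C:\Users\*\Downloads'
Test-DefenderExclusionPath -Path $sample | Format-Table -AutoSize
```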


