Skip to content

Latest commit

 

History

History
 
 

PowerShell

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
CI_DefenderMAPS_Discovery.ps1
CI_DefenderMAPS_Discovery.ps1
 
 
Download-DefenderUpdates.ps1
Download-DefenderUpdates.ps1
 
 
Get-CSDeviceGuardStatus.ps1
Get-CSDeviceGuardStatus.ps1
 
 
Get-DefenderATPStatus.ps1
Get-DefenderATPStatus.ps1
 
 
Get-DefenderEGEvents.ps1
Get-DefenderEGEvents.ps1
 
 
Validate-DefenderExclusion.ps1
Validate-DefenderExclusion.ps1
 
 
lastconnected.ps1
lastconnected.ps1
 
 
readme.md
readme.md
 
 

readme.md

Microsoft Defender Advanced Threat Protection PowerShell Scripts

PowerShell CmdLets and code snippets to interact with Windows Defender or Microsoft Defender Advanced Threat Protection

Microsoft Defender Advanced Threat Protection PowerShell Module

Get-DefenderATPStatus

Get-DefenderATPStatus retrieves the Agent and configuration status of Windows Defender ATP on a Windows 10 device

 Get-DefenderATPStatus

ComputerName                    : DESKTOP-002
OnboardingState                 : True
OSBuild                         : 18363
OSEditionID                     : Enterprise
OSProductName                   : Windows 10 Enterprise
Machinebuildnumber              : Microsoft Windows NT 10.0.18363.0
SenseID                         : 
MMAAgentService                 : not required
SenseConfigVersion              : 6999.4507483.4090661.4179641

Get-DefenderEGEvents

Get-DefenderEGEvents retrieves Windows Defender Exploit Guard related events from a Windows 10 device

Validate-DefenderExclusion

Validate-DefenderExclusion checks whether the specified path or file is excluded.

##https://wdtestgroundstorage.blob.core.windows.net/public/validate/validatecloud.exe

Other PowerShell Modules

DefenderASR

find-module -name "DefenderASR" | Install-module