Hello.

I am looking for a complete or at least well-documented list of detections that Microsoft “Defender for  endpoint” can actually detect as:

“Malicious credential theft tool execution detected”

We need to show some clients the missing detections that they don´t have because Defender is not active!… so if we have a list of detections it is easier to understand the surface of protection of the EDR.

Hope someone has something!

​Hello.I am looking for a complete or at least well-documented list of detections that Microsoft “Defender for  endpoint” can actually detect as:”Malicious credential theft tool execution detected”We need to show some clients the missing detections that they don´t have because Defender is not active!… so if we have a list of detections it is easier to understand the surface of protection of the EDR.Hope someone has something!  Read More

​