PDQ Deploy and Microsoft Defender ATP
If there is anyone else out there running PDQ Deploy and Microsoft Defender ATP, are you seeing alerts from ATP today when deploying software? Nothing really looks out of the ordinary, but we're seeing a lot of "possible lateral movement" and "suspicious remote activity". Everything looks to be normal from what I can tell, but we haven't seen this before.
1
Comments
I think we had seen some initially when we adopted MDE. We've added Antivirus and ASR exclusions via Intune since then for the PDQ processes. We've seen some alerts where PDQ gets tagged but haven't seen anything directly.
Please sign in to leave a comment.