Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

PDQ Deploy and Microsoft Defender ATP

If there is anyone else out there running PDQ Deploy and Microsoft Defender ATP, are you seeing alerts from ATP today when deploying software? Nothing really looks out of the ordinary, but we're seeing a lot of "possible lateral movement" and "suspicious remote activity". Everything looks to be normal from what I can tell, but we haven't seen this before.

1

Comments

1 comment
Date Votes
  • I think we had seen some initially when we adopted MDE. We've added Antivirus and ASR exclusions via Intune since then for the PDQ processes. We've seen some alerts where PDQ gets tagged but haven't seen anything directly. 

    1