EDR setup: MS Defender

The management of MS Defender EDR is currently in Beta. Let us know if you have any feedback or encounter any issues.

  1. Connect to the Azure portal

    1. Log in to Azure with an account that has the Owner role on the relevant subscription.

    2. Select: Home > Create a resource

    3. Search and click on Deploy a custom template

  2. Import the template

    1. Click on Create your own template in the editor

    2. Click on Upload a file at the top

    3. Select the template.json file to download here.

    4. Click on Save

  3. Configure the template

    1. Select the Azure subscription to which you want to delegate and the region. Leave all other fields as they are, as they are already pre-filled in the template.

  4. Deployment

    1. Click Review + Create, and then click Create

    2. Deployment typically takes a few seconds

    3. (Optional) Verify the delegation in Azure Lighthouse > Service Providers

      1. Stoïk will appear as an authorized provider, with the associated roles

      2. This delegation can be revoked at any time by you, directly from this menu

PreviousSetup SentinelOne on LinuxNextDo I need to uninstall the antivirus before the EDR setup?

Last updated

Was this helpful?