https://github.com/jonade/defendereval

Audit and validate Microsoft Defender for Endpoint configurations against security best practices during product evaluations.
https://github.com/jonade/defendereval

defender-for-endpoint mde powershell-gallery

Last synced: 12 days ago
JSON representation

Audit and validate Microsoft Defender for Endpoint configurations against security best practices during product evaluations.

• Host: GitHub
• URL: https://github.com/jonade/defendereval
• Owner: jonade
• Created: 2025-03-27T14:43:36.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2026-05-28T09:13:22.000Z (15 days ago)
• Last Synced: 2026-05-28T10:24:27.390Z (15 days ago)
• Topics: defender-for-endpoint, mde, powershell-gallery
• Language: PowerShell
• Homepage: https://aka.ms/DefenderEval
• Size: 510 KB
• Stars: 3
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Verify configuration for a Microsoft Defender for Endpoint evaluation

Generates a report to check whether Defender Antivirus and Defender for Endpoint features are configured according to recommended settings for product evaluation scenarios, such as internal red-teaming exercises.

* https://learn.microsoft.com/en-us/defender-endpoint/evaluate-microsoft-defender-antivirus

![Example Image](docs/example.png)

## Installation Steps

Install the module from the [PowerShell Gallery](https://www.powershellgallery.com/packages/DefenderEval/) by running:

`Install-Module DefenderEval`

The current PowerShell execution policy can be verified by running `Get-ExecutionPolicy`. If it is not set to RemoteSigned or Unrestricted, it can be set to RemoteSigned by running the following:

`Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser`

After installation of the module, run the following from an elevated (as Administrator) PowerShell window to generate the report:

`Get-DefenderEvaluationReport`