{"id":1554,"date":"2024-08-10T22:55:15","date_gmt":"2024-08-10T20:55:15","guid":{"rendered":"https:\/\/cln.io\/blog\/?p=1554"},"modified":"2024-10-12T19:35:29","modified_gmt":"2024-10-12T17:35:29","slug":"getting-microsoft-defender-atp-on-plesk","status":"publish","type":"post","link":"https:\/\/cln.io\/blog\/getting-microsoft-defender-atp-on-plesk\/","title":{"rendered":"Getting Microsoft Defender ATP on Plesk"},"content":{"rendered":"\n

Download the onboarding code\/script<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

I dumped the .zip file in \/root\/defender
then execute it with Python to install the right “stuff” so the defender binary can talk to your org\/api thing<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
python MicrosoftDefenderATPOnboardingLinuxServer.py\nGenerating \/etc\/opt\/microsoft\/mdatp\/mdatp_onboard.json ...<\/pre>\n\n\n\n
Now lets download the  binary installer<\/p>\n\n\n\n
https:\/\/github.com\/microsoft\/mdatp-xplat\/blob\/master\/linux\/installation\/mde_installer.sh<\/a><\/p>\n\n\n\n
wget https:\/\/raw.githubusercontent.com\/microsoft\/mdatp-xplat\/master\/linux\/installation\/mde_installer.sh\nchmod +x mde_installer.sh\n.\/mde_installer.sh<\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
This should onboard the Plesk with defender.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Configure defender<\/h2>\n\n\n\n
mdatp config real-time-protection --value enabled\nmdatp threat policy set --type potentially_unwanted_application --action block\nmdatp config network-protection enforcement-level --value block\nmdatp config behavior-monitoring --value enabled\nmdatp config behavior-monitoring-statistics --value enabled\nmdatp config ebpf-supplementary-event-provider --value enabled\nmdatp config ptrace-scope --value enabled<\/pre>\n\n\n\n
Give it a quick full scan, because why the hell not<\/p>\n\n\n\n
mdatp scan full<\/pre>\n\n\n\n
\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"
Download the onboarding code\/script I dumped the .zip file in \/root\/defenderthen execute it with Python to install the right “stuff” so the defender binary can talk to your org\/api thing Now lets download the binary […]<\/p>\n","protected":false},"author":1,"featured_media":1680,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1554","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1554","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/comments?post=1554"}],"version-history":[{"count":5,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1554\/revisions"}],"predecessor-version":[{"id":1566,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1554\/revisions\/1566"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/media\/1680"}],"wp:attachment":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/media?parent=1554"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/categories?post=1554"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/tags?post=1554"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}