Overview

Scrut integrates with Microsoft Defender for Endpoint to pull device security posture, alerts, and threat detections. Use it to demonstrate continuous endpoint security monitoring, track remediation, and maintain audit-ready security evidence.

Why Connect

• Pull endpoint alerts and threat detections into one view.
• Support evidence for continuous endpoint monitoring.
• Track remediation actions and closure for audits.

Supported Automated Tests

Scrut provides pre-built automated tests for Microsoft Defender Endpoint. Here are a few examples of Scrut’s Microsoft Defender Endpoint tests:

• Access reviews completed for all in-scope applications
• Microsoft Defender Endpoint accounts associated with users
• Microsoft Defender Endpoint accounts deprovisioned when employees leave

Supported Automated Evidence

Scrut automates the collection of some evidences for Microsoft Defender Endpoint. Here are a few examples of Scrut’s Microsoft Defender Endpoint-driven evidences that can be collected:

• Offboarding - Logical Access & Physical Access Revocation
• Reports of User Access Reviews
• Report of Vulnerability Scan and Remediation Status
• User Access Approval list to Application, Infrastructure and Service