Skip to content

Commit a4cd214

Browse files
denisebmsftdenisebmsft
committed
Update edr-detection.md
1 parent 01ec465 commit a4cd214

File tree

1 file changed

+7
-8
lines changed

1 file changed

+7
-8
lines changed

defender-endpoint/edr-detection.md

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ ms.custom: admindeeplinkDEFENDER
1515
ms.topic: conceptual
1616
ms.subservice: edr
1717
search.appverid: met150
18-
ms.date: 08/04/2024
18+
ms.date: 08/06/2024
1919
---
2020

2121
# EDR detection test for verifying device's onboarding and reporting services
@@ -43,14 +43,13 @@ Run an EDR detection test to verify that the device is properly onboarded and re
4343

4444
1. Open a Command Prompt window
4545

46-
2. At the prompt, copy and run the command below. The Command Prompt window will close automatically.
46+
2. At the prompt, copy and run the following command. The Command Prompt window closes automatically.
4747

48+
```powershell
49+
powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-WDATP-test\\invoice.exe');Start-Process 'C:\\test-WDATP-test\\invoice.exe'
50+
```
4851

49-
```powershell
50-
powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-WDATP-test\\invoice.exe');Start-Process 'C:\\test-WDATP-test\\invoice.exe'
51-
```
52-
53-
3. If successful, the detection test will be marked as completed and a new alert will appear in few minutes.
52+
3. If successful, the detection test is marked as completed and a new alert appears within a few minutes.
5453

5554
### Linux
5655

@@ -134,7 +133,7 @@ After a few minutes, a detection should be raised in Microsoft Defender XDR.
134133

135134
## Next steps
136135

137-
If you're experiencing issues with application compatability or performance, you might consider adding exclusions. See the following articles for more information:
136+
If you're experiencing issues with application compatibility or performance, you might consider adding exclusions. See the following articles for more information:
138137

139138
- [Configure and validate exclusions for Microsoft Defender for Endpoint on macOS](mac-exclusions.md)
140139
- [Address false positives/negatives in Microsoft Defender for Endpoint](defender-endpoint-false-positives-negatives.md)

0 commit comments

Comments
 (0)