diff --git a/docs/edr-install-config/install-elastic-defend.mdx b/docs/edr-install-config/install-elastic-defend.mdx index b512634223..6c8a150a96 100644 --- a/docs/edr-install-config/install-elastic-defend.mdx +++ b/docs/edr-install-config/install-elastic-defend.mdx @@ -2,7 +2,7 @@ id: serverlessSecurityInstallDefend slug: /serverless/security/install-edr title: Install and configure the ((elastic-defend)) integration -# description: Description to be written +description: Learn how to install and configure ((elastic-defend)). tags: [ 'serverless', 'security', 'how-to' ] status: rough content --- @@ -19,9 +19,9 @@ Like other Elastic integrations, ((elastic-defend)) is integrated into the ((age * ((fleet)) is required for ((elastic-defend)). -* To configure the ((elastic-defend)) integration on the ((agent)), you must have permission to use ((fleet)) in ((kib)). +* To configure the ((elastic-defend)) integration on the ((agent)), you must have permission to use ((fleet)). -* You must have the **((elastic-defend)) Policy Management : All** privilege to configure an integration policy, and the **Endpoint List** privilege to access the **Endpoints** page. +* You must have the **((elastic-defend)) Policy Management: All** privilege to configure an integration policy, and the **Endpoint List** privilege to access the **Endpoints** page. @@ -37,19 +37,18 @@ If you're using macOS, some versions may require you to grant Full Disk Access t 1. Go to the **Integrations** page, which you can access in several ways: -* In ((kib)): **Management** -> **Integrations** -* In the ((security-app)): **Get started** -> **Add security integrations** + * In ((kib)): **Management** -> **Integrations** + * In the ((security-app)): **Get started** -> **Add security integrations** ![Search result for "((elastic-defend))" on the Integrations page.](../images/install-endpoint/-getting-started-install-endpoint-endpoint-cloud-sec-integrations-page.png) 1. Search for and select **((elastic-defend))**, then select **Add ((elastic-defend))**. The integration configuration page appears. - -If this is the first integration you've installed and the **Ready to add your first integration?** page appears instead, select **Add integration only (skip agent installation)** to proceed. You can install ((agent)) after setting up the ((elastic-defend)) integration. - - + + If this is the first integration you've installed and the **Ready to add your first integration?** page appears instead, select **Add integration only (skip agent installation)** to proceed. You can install ((agent)) after setting up the ((elastic-defend)) integration. + - + 1. Configure the ((elastic-defend)) integration with an **Integration name** and optional **Description**. 1. Select the type of environment you want to protect, either **Traditional Endpoints** or **Cloud Workloads**. @@ -58,11 +57,11 @@ If this is the first integration you've installed and the **Ready to add your fi @@ -71,7 +70,7 @@ If this is the first integration you've installed and the **Ready to add your fi - All traditional endpoint presets _except **Data Collection**_ have these preventions enabled by default: malware, ransomware, memory threat, malicious behavior, and credential theft. Each preset collects the following events: + All traditional endpoint presets _except_ **Data Collection** have these preventions enabled by default: malware, ransomware, memory threat, malicious behavior, and credential theft. Each preset collects the following events: * **Data Collection:** All events; no preventions * **Next-Generation Antivirus (NGAV):** Process events; all preventions