Dec 12, 2013

      Is there any way to somehow create a rule or something that will automatically permit all USB devices of a certain type?  For example, all USB keyboards and mice would be automatically permitted.


          USB Defender never detaches a USB device unless you have set up a rule to do so.  All it does is generate events related to USB mass storage devices.

            It's true that USB Defender will not detach any device unless the LEM has a rule that causes that to happen.  If you have LEM deployed, there is a rule template included called "Template: Detach Unauthorized USB Device."  It includes in the example conditions a "white-list" of authorized devices.


            I've even seen a rule that could be used to white-list devices easily.  Basically, it was "If a USB device is plugged into [SPECIFIC NODE], then add it to the white-list."  The admin had his workstation as the [SPECIFIC NODE], so anything he connected was added to the white-list.  He ran through all the devices his company allowed, and then disabled the rule.  If he needs to add more to the white-list, he can re-enable the rule, but otherwise his workstation is subject to the same rules as anyone else.

              nicole pauls

              It's also worth noting that we don't even pass mice/keyboards on to USB-Defender, only mass storage devices, network devices, and phones. You likely won't even see events when these devices are plugged in, unless you're using the "Extended" USB-Defender connector, in which case you should be careful.


              USB Defender local policy is similar: we ignore things that aren't mass storage, network, and phones (anything that could walk data off).