1,065 questions with Microsoft Defender for Cloud-related tags
Error durin on-upload malware scan activation for storage account
I created Event Grid topic and want to assign it to Microsoft Defender report pipeline. When I enable on-upload scan for my storage account and select my topic, I get Plan enablement partially succeeded. Could not enable on-upload malware scanning:…
Exception Handling for Defender & Third-Party EDR Conflict
Hello. We are currently operating Microsoft Defender for Cloud (MDC). We aim to comply with one of MDC's recommendations, 'EDR solution should be installed on Virtual Machines.' While Windows machines have Microsoft Defender for Endpoint (MDE) installed…
Visual Studio blocked by MS Defender
Microsoft defender blocked visual studio 2022 ( C#) and I can't enter windows forms, console, etc. Please help.
How to create a overview over all VMs and his CIS compliance status?
Is there any way to generate an overview to see the CIS compliance coverage over all virtual maschines? Me problem is, we need to use CIS Images vor VMs but some applications need the possibility to deactivate some of the CIS rules to work correctly. So…
How to stop ATP clicking links in Phishing simulation emails
I have logged in to Microsoft Defender for O365 and configured the Phishing Simulation tab under Email & collaboration > Policies & rules > Threat policies > Advanced delivery. But something ATP wise is still clicking the links in my…
Microsoft Defender for Cloud
Hello, Please guide me, why microsoft defender for cloud service has taking the charges for every month even though I not using the any of the Azure services. What is procedure to refund the unusage services and how to stop/delete it to avoid the…
Azure Policy & VM JIT - Do not allow Any as source
I am currently trying to prevent users from requesting Azure JIT VM access coming from the Source IP addresses "Any". According to this thread, https://learn.microsoft.com/en-us/answers/questions/846584/azure-vm-jit-do-not-allow-any-as-source ,…
How Defender ATP works on IOS ?
Hello everyone, I am currently a student and intern in cybersecurity, and I am curious about how Defender operates on mobile devices, particularly on iOS (after deployed with Intune). I have been trying to find a flow chart that outlines the workings of…
shared settings : Number of days until partner is unresponsive
Hello, I hope this message finds you well. I am seeking clarification on the “Shared settings: Number of days until partner is unresponsive” option found under Endpoint Security > Microsoft Defender for Endpoint. Specifically, I would like to…
Integrating Microsoft Sentinel with Microsoft Defender XDR
I am trying to Integrate microsoft sentinel and defender XDR. So here are the steps I have done so far. Log analytics created, Sentinel attached to the workspace enabled the defender connector . after enabling the connector , I have enabled…
Can Defender for Endpoint policies and features on Azure Stack HCI hosts be managed by MDE or SCCM?
I am curious whether MDE or SCCM can be used to manage Defender for Endpoint policies and features on Azure Stack HCI hosts. Also, does Azure Stack support the use of ASR rules via Defender for Endpoint? Will enabling ASR impact the functioning of Azure…
Can I create a PowerAutomate flow to offboard devices in Defender for Endpoint?
I would like to create a friendly interface for users to offboard devices in Defender for Endpoint, so they won't have to run this process manually. Is this possible?
Defender for Endpoint Policies
Hello If a workstation or server is onboarded to defender for endpoint and no security policies have been pushed to the endpoint, what are the default settings or configuration that defender uses? does it stay dormant until policies are pushed? Thanks
Microsoft Vulnerability Manager Security Recommendations - Python
Microsoft Vulnerability Manager Security Recommendations is advising to Update Python as it is currently version 3.7.7.0 however, when installing Python latest version (3.12.30) from https://www.python.org/downloads/ it is still reporting on Microsoft…
Regulatory compliance reports not accurately affecting security
I have some regulatory compliance reports still showing unhealthy resources 3 days after the problem as been remediated. Any idea why this could be happening?
Defender I use GPO Can Switch Config policy On Defender Mange by MDE device configuration management ?
Now plan deploy MDE my PC joins local AD which makes it difficult to manage policy through GPO. Is this possible? If I want to use Switch Gpo policy through Device configuration management MDE?
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
Disable Microsoft Defender for Cloud for select virtual machines in Azure
I have several VMs running Windows 10/11 and Ubuntu in my Azure vnet and I really don't need them included in Microsoft Defender for Cloud. I've done some searching and apparently there is no way to select which VMs are included in the service, it's an…
Windows Defender SenseNdr.exe Application Crashing Events
Faulting application name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Faulting module name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Exception code: 0xc0000409 Fault offset: 0x000000000071f9c1 Faulting process id:…
Choosing between Defender for Endpoint and Defender for Server for servers with no internet connectivity
We are planning to migrate from Symantec® Endpoint Security to Microsoft, specifically looking for EDR and XDR features for our On Prem servers that have no connectivity to the internet. Should we use Defender for Endpoint or Defender for Servers? We are…