147 questions with Microsoft Defender for Cloud-related tags

Sort by: Updated
Updated Created Answers
0 answers

ServiceNow integration with Defender for Cloud

What permissions are required in SerivceNow for the ServiceNow integration with Defender for Cloud user? The doc does not seem to indicate what permissions are required for the ServiceNow service account in…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-05-21T00:08:36.3933333+00:00
DG001 346 Reputation points Microsoft Employee
0 answers

Defender for Red Hat Linux

My customer just migrated most of the environment running in Azure. We have bunch of Red Hat Linux servers will be migrated to Azure VMs. We are going to protect our Windows and Linux Environment using Microsoft Defender. However, there were issues…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-05-18T03:45:31.3033333+00:00
Abbas Ali 80 Reputation points
commented 2024-05-20T12:42:26.65+00:00
Carlos Solís Salazar 16,781 Reputation points MVP
0 answers

Microsoft Defender for Cloud Storage.. Azure File Shares questions

A vendor recently converted our file server over to Azure File shares and after doing some testing some questions have arose... Does Microsoft Defender for Cloud Storage scan preexisting file shares for malware when implemented after data has already…

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,182 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,746 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2023-08-30T11:31:14.04+00:00
Jeff Davis 5 Reputation points
commented 2024-05-14T19:18:38.0966667+00:00
Dan T 0 Reputation points
0 answers

P1 and P2 Defender Plans are active at the same time and the same Azure Ressource

Hello, We use a standard Microsoft Policy to activate Azure Defender for Servers P1 via tags on our Azure ARC Servers. The policy in question is "Configure Azure Defender for Servers to be enabled ('P1' subplan) for all resources (resource level)…

Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
337 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-05-14T12:11:39.25+00:00
00640061 0 Reputation points
0 answers

How to set Microsoft Defender (Security Center) settings via the Azure.ResourceManager SDK

We have the following code that enables Microsoft Defender for Cloud for an Azure subscription using the Azure.ResourceManager C# SDK. However, when we view the settings for Defender in the Azure portal, a couple of items aren't turned on that we would…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-05-09T16:46:23.4766667+00:00
Jason Looney 0 Reputation points
commented 2024-05-14T10:24:21.0866667+00:00
Akshay-MSFT 16,436 Reputation points Microsoft Employee
0 answers

I am receiving this notification from the Defender "Insecure SSH private key"

I am receiving this notification from the Defender "Insecure SSH private key" Defender for Servers found a plaintext SSH private key that is part of a pair. It is important to secure the private key to avoid its misuse or leakage. But on the…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-03-14T08:28:38.85+00:00
Pradeep Khantwal 30 Reputation points
commented 2024-05-07T11:21:54.5333333+00:00
IgorViunov 0 Reputation points
0 answers

FIM in defender not showing file changes for newly created file after 3 days also.

Team, I have enabled FIM on one of the Resource Group it has created one default Log Analytics Workspace, DCR rule. We executed a script that will create test file on all VM's in /etc and C:\windows\system32 directory. But those changes are not yet…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-04-30T06:15:50.83+00:00
Disha Bodade 65 Reputation points
edited the question 2024-04-30T07:43:48.3433333+00:00
VarunTha 4,040 Reputation points Microsoft Vendor
0 answers

Run a phishing simulation

No matter what type of simulation I am doing. They are not working.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,934 questions
Not Monitored
Not Monitored
Tag not monitored by Microsoft.
36,474 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-04-15T18:48:10.51+00:00
Dennis Machado (Tek Experts) 0 Reputation points Microsoft Vendor
commented 2024-04-25T09:54:24.62+00:00
Pauline Mbabu 15 Reputation points Microsoft Employee
0 answers

Where to find documentation of all available options for the $expand api param of the assessments endpoint

I'm trying to use this api: https://learn.microsoft.com/en-us/rest/api/defenderforcloud/assessments/list?view=rest-defenderforcloud-2020-01-01&tabs=HTTP Even though not documented in the linked page, the $expand param is supported (this is…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-04-10T00:53:09.87+00:00
Dima Rozinov 0 Reputation points
commented 2024-04-16T17:20:30.2733333+00:00
Dima Rozinov 0 Reputation points
0 answers

Microsoft Defender against Palo Alto Cortex

I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There is several articles about this and my first conclusion is, that Defender might have only small weakness against Palo Alto but I…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
349 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
18 questions
asked 2024-04-05T06:16:25.8866667+00:00
Pavel yannara Mirochnitchenko 11,961 Reputation points MVP
commented 2024-04-08T09:24:47.76+00:00
Givary-MSFT 28,571 Reputation points Microsoft Employee
0 answers

Transition to Microsoft Defender Vulnerability Management - java sdk, SecuritySubAssessmentInner AdditionalData problem

Hi, We want to migrate from https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-vulnerability-assessment-azure to https://learn.microsoft.com/en-us/azure/defender-for-cloud/agentless-vulnerability-assessment-azure which is…

Azure Container Registry
Azure Container Registry
An Azure service that provides a registry of Docker and Open Container Initiative images.
401 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-02-06T16:43:07.3533333+00:00
Schnider Michael 26 Reputation points
commented 2024-04-08T05:53:29.6166667+00:00
Wu, Jeff 0 Reputation points
0 answers

Add cloud defender to workspace

I am trying to add MS Cloud Defender to the workspace but it fails and I do not know the reason

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-03-28T09:21:44.67+00:00
Hanan 0 Reputation points
commented 2024-04-03T14:19:19.9666667+00:00
Pauline Mbabu 15 Reputation points Microsoft Employee
0 answers

Inventory PST files based on computers in the Organizational Unit (OU) in Active Directory

Hello, I'm looking for a script/tool to collect information on all PST files located in user computers. What is the best and most efficient way to accomplish this?I have an inventory with this informations : ComputerName,UserName,EmailAddress,Pst File…

Microsoft Exchange Online
Microsoft System Center
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
852 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,141 questions
asked 2024-02-19T13:36:01.21+00:00
APTOS 221 Reputation points
commented 2024-03-15T11:05:34.9233333+00:00
Catherine Kyalo 650 Reputation points Microsoft Employee
0 answers

Why is that exempted pods show up on affected pods list?

I configured disable rule on "Azure running container images should have vulnerabilities resolved" by specifying their image digests but I still see the the images on affected pods list. Why is that?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,886 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-03-08T09:24:36.1233333+00:00
Eskedar Workeneh 5 Reputation points
commented 2024-03-12T23:47:38.4533333+00:00
kobulloc-MSFT 24,171 Reputation points Microsoft Employee
0 answers

Windows Defender MpCmdRun.exe Custom Scan Automation Job Failing intermittently in Production Environment using TeamCity Tool

Hello Microsoft Community, We are currently facing an issue with our TeamCity build automation, specifically related to the custom virus scan using the MpCmdRun.exe command-line utility. Our setup involves executing the command: MpCmdRun.exe -Scan…

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,499 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,263 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
159 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
107 questions
asked 2024-02-05T02:04:28.9966667+00:00
Vamshi Krishna 0 Reputation points
commented 2024-02-21T11:51:39.01+00:00
Givary-MSFT 28,571 Reputation points Microsoft Employee
0 answers

How to automatically rotate DKIM keys on a scheduled basis in 365 Defender?

Could someone let me know how to automatically rotate DKIM keys on a scheduled basis in 365 Defender? Instead of manually running the powershell script to rotate the DKIM key.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2023-08-18T07:07:20.89+00:00
Kartheen E 46 Reputation points
commented 2024-02-19T06:10:31.37+00:00
Catherine Kyalo 650 Reputation points Microsoft Employee
0 answers

Defender for Clouds - alert details hidden in Activity logs of log analytics

Hey, from Tuesday 1 Aug 2023 - 6 PM (New Zealand time) we started seeing alerts from Defender for Clouds appear with hidden information just like this: "******" in the Activity Logs of the log analytics page. but we can see the full details of…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,858 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2023-08-03T01:50:11.0833333+00:00
Hadi D 10 Reputation points
commented 2024-02-13T17:46:42.4466667+00:00
Fiona Matu 86 Reputation points Microsoft Employee
0 answers

Devices without Microsoft Defender for Endpoint sensor

We have devices on boarded in defender using Intune MDM configuration profile But the list of devices shows Devices without Microsoft Defender for Endpoint sensor But all the on boarded devices are listed on defender as Active state, Ticket also raised,…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,462 questions
Microsoft Configuration Manager
asked 2023-08-29T07:08:25.9366667+00:00
Gireesh Konasali 20 Reputation points
commented 2024-02-13T11:26:41.2766667+00:00
Catherine Kyalo 650 Reputation points Microsoft Employee
0 answers

The endpoint provided by azure is not returning the correct list of extensions for defender plan & pricings

Service:Defender for Cloud API Version:2024-01-01 This endpoint provided by in azure documentation is not listing all the extensions that are enabled in the portal. GET…

Azure Cost Management
Azure Cost Management
A Microsoft offering that enables tracking of cloud usage and expenditures for Azure and other cloud providers.
2,113 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2024-02-07T08:14:17.93+00:00
prajwal 0 Reputation points
commented 2024-02-12T20:37:10.7833333+00:00
Marilee Turscak-MSFT 34,626 Reputation points Microsoft Employee
0 answers

Not able to use Microsoft Defender for Cloud for DevOps

Hi, I'm trying to use Defender for Cloud for DevOps. I've configured everything that's required for connecting my DevOps to Microsoft Defender for Cloud. However, as shown below the connectivity status has been in "in progress" for the past…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,212 questions
asked 2023-09-08T06:12:39.0233333+00:00
Raghul Kannan 126 Reputation points
commented 2024-02-12T14:16:15.09+00:00
Catherine Kyalo 650 Reputation points Microsoft Employee