151 questions with Microsoft Defender for Cloud-related tags

0 answers

Custom recommendation I created doesn't get triggered as a recommendation in defender for cloud

I am trying to make custom recommendations work. I created a custom recommendation that looks at the metadata of a key vault and checks if PublicNetworkAccess is enabled; if so, it then finds "iprules" in the metadata. If it can see the word…

Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,233 questions
asked 2024-06-13T12:51:18.1+00:00
Khanna, Keshav 0 Reputation points
0 answers

Troubleshooting missing secure score for Microsoft Cloud Defender continuous export

I have 5 subscriptions that are configured for continuous export. However, when I look at the workbooks for secure score over time, only 3 out of the 5 subscriptions are showing the current score. I have checked all the settings, and everything seems to…

Microsoft Defender for Cloud
asked 2024-06-12T17:04:15.8733333+00:00
pattifree 46 Reputation points
commented 2024-06-12T21:18:09.22+00:00
James Hamil 22,886 Reputation points Microsoft Employee
0 answers

SQL Server: Defender for SQL Server Configuration Issues – Status Not Displayed

I have an SQL Server, and I attempted to configure Defender for SQL Server. However, even after a day, it has not been configured properly, and the menu showing the "Protected" or "Not Protected" status does not appear as expected.…

Microsoft Defender for Cloud
asked 2024-06-12T00:16:07.6366667+00:00
mara7 161 Reputation points
commented 2024-06-12T08:17:48.3+00:00
Givary-MSFT 29,351 Reputation points Microsoft Employee
0 answers

'Wacatac' malware was detected (Agentless preview)

Hi Team, on one of the Linux machines Microsoft Defender for Cloud shows malware in Security alerts. How do I remediate it?

Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,372 questions
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets. Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,807 questions
Microsoft Defender for Cloud
asked 2024-06-04T05:28:32.25+00:00
Pradeep Khantwal 50 Reputation points
commented 2024-06-12T06:04:28.4333333+00:00
Pradeep Khantwal 50 Reputation points
0 answers

Info required for migration of MMA to Windows defender Unified agent.

Please help me to identify the specific process for that Microsoft Defender unified agent is running on the server. Scenario is that there are some servers in the environment running with 2012R2 and 2016. And MMA is running on the servers. As a result,…

Microsoft Defender for Cloud
asked 2024-05-31T05:22:12.44+00:00
Fadikar, Subhadip 0 Reputation points
commented 2024-06-03T12:56:08.32+00:00
Sandeep G-MSFT 15,326 Reputation points Microsoft Employee
0 answers

How to get the impacted asset (user or client) when fetching alerts (v2) from Defender using API?

Hello, I followed this documentation to list alerts from Defender https://learn.microsoft.com/en-us/graph/api/security-list-alerts_v2?view=graph-rest-beta&tabs=http While I am getting the output, it is very different from when I fetch the alerts…

Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,051 questions
Microsoft Defender for Cloud
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
166 questions
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
116 questions
asked 2024-05-30T13:30:38.1333333+00:00
Rawad BASSIL 0 Reputation points
edited the question 2024-06-06T06:12:59.9466667+00:00
Rakesh Gurram 4,560 Reputation points Microsoft Vendor
0 answers

Microsoft defender is alerting for vulnerable version of nuget package in Azure Function's ".azurefunctions/function.deps.json" file

Hi Champs, I'm facing a typical problem with my function app and MS defender for cloud. Defender is raising issues for my deployed function (written in C#) as: Even after installing latest nuget package, "function.deps.json" file is not…

Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,484 questions
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,057 questions
Microsoft Defender for Cloud
asked 2024-05-30T05:26:36.4033333+00:00
Pratim Das, Partha C 306 Reputation points
edited the question 2024-05-31T01:04:10.4133333+00:00
Pratim Das, Partha C 306 Reputation points
0 answers

Defender for Red Hat Linux

My customer just migrated most of the environment running in Azure. We have a bunch of Red Hat Linux servers that will be migrated to Azure VMs. We are going to protect our Windows and Linux Environment using Microsoft Defender. However, there were issues…

Microsoft Defender for Cloud
asked 2024-05-18T03:45:31.3033333+00:00
Abbas Ali 80 Reputation points
commented 2024-05-20T12:42:26.65+00:00
Carlos Solís Salazar 17,426 Reputation points MVP
0 answers

FIM in defender not showing file changes for newly created file after 3 days also.

Team, I have enabled FIM on one of the Resource Groups; it has created one default Log Analytics Workspace, DCR rule. We executed a script that will create a test file on all VMs in /etc and C:\windows\system32 directory. But those changes are not yet…

Microsoft Defender for Cloud
asked 2024-04-30T06:15:50.83+00:00
Disha Bodade 65 Reputation points
edited the question 2024-04-30T07:43:48.3433333+00:00
VarunTha 4,810 Reputation points Microsoft Vendor
0 answers

Run a phishing simulation

No matter what type of simulation I am doing, they are not working.

Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,087 questions
Not Monitored
Tag not monitored by Microsoft.
36,982 questions
Microsoft Defender for Cloud
asked 2024-04-15T18:48:10.51+00:00
Dennis Machado (Tek Experts) 0 Reputation points Microsoft Vendor
commented 2024-04-25T09:54:24.62+00:00
Pauline Mbabu 90 Reputation points Microsoft Employee
0 answers

Where to find documentation of all available options for the $expand api param of the assessments endpoint

I'm trying to use this api: https://learn.microsoft.com/en-us/rest/api/defenderforcloud/assessments/list?view=rest-defenderforcloud-2020-01-01&tabs=HTTP Even though not documented in the linked page, the $expand param is supported (this is…

Microsoft Defender for Cloud
asked 2024-04-10T00:53:09.87+00:00
Dima Rozinov 0 Reputation points
commented 2024-04-16T17:20:30.2733333+00:00
Dima Rozinov 0 Reputation points
0 answers

Microsoft Defender against Palo Alto Cortex

I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There are several articles about this and my first conclusion is that Defender might have only a small weakness against Palo Alto but I…

Microsoft Defender for Cloud
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities. Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
365 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection. Training: Instruction to develop new skills.
20 questions
asked 2024-04-05T06:16:25.8866667+00:00
Pavel yannara Mirochnitchenko 12,371 Reputation points MVP
commented 2024-04-08T09:24:47.76+00:00
Givary-MSFT 29,351 Reputation points Microsoft Employee
0 answers

Add cloud defender to workspace

I am trying to add MS Cloud Defender to the workspace but it fails and I do not know the reason

Microsoft Defender for Cloud
asked 2024-03-28T09:21:44.67+00:00
Hanan 0 Reputation points
commented 2024-04-03T14:19:19.9666667+00:00
Pauline Mbabu 90 Reputation points Microsoft Employee
0 answers

I am receiving this notification from the Defender "Insecure SSH private key"

I am receiving this notification from the Defender "Insecure SSH private key" Defender for Servers found a plaintext SSH private key that is part of a pair. It is important to secure the private key to avoid its misuse or leakage. But on the…

Microsoft Defender for Cloud
asked 2024-03-14T08:28:38.85+00:00
Pradeep Khantwal 50 Reputation points
commented 2024-05-07T11:21:54.5333333+00:00
IgorViunov 0 Reputation points
0 answers

Why is it that exempted pods show up on the affected pods list?

I configured a disable rule on "Azure running container images should have vulnerabilities resolved" by specifying their image digests but I still see the images on the affected pods list. Why is that?

Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,931 questions
Microsoft Defender for Cloud
asked 2024-03-08T09:24:36.1233333+00:00
Eskedar Workeneh 5 Reputation points
commented 2024-03-12T23:47:38.4533333+00:00
kobulloc-MSFT 25,146 Reputation points Microsoft Employee
0 answers

Inventory PST files based on computers in the Organizational Unit (OU) in Active Directory

Hello, I'm looking for a script/tool to collect information on all PST files located in user computers. What is the best and most efficient way to accomplish this? I have an inventory with this information: ComputerName,UserName,EmailAddress,Pst File…

Microsoft Exchange Online
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
880 questions
Microsoft Defender for Cloud
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,219 questions
asked 2024-02-19T13:36:01.21+00:00
APTOS 221 Reputation points
commented 2024-03-15T11:05:34.9233333+00:00
Catherine Kyalo 655 Reputation points Microsoft Employee
0 answers

The endpoint provided by azure is not returning the correct list of extensions for defender plan & pricings

Service: Defender for Cloud API Version: 2024-01-01 This endpoint provided in the Azure documentation is not listing all the extensions that are enabled in the portal. GET…

Azure Cost Management
A Microsoft offering that enables tracking of cloud usage and expenditures for Azure and other cloud providers.
2,206 questions
Microsoft Defender for Cloud
asked 2024-02-07T08:14:17.93+00:00
prajwal 0 Reputation points
commented 2024-02-12T20:37:10.7833333+00:00
Marilee Turscak-MSFT 35,616 Reputation points Microsoft Employee
0 answers

Transition to Microsoft Defender Vulnerability Management - java sdk, SecuritySubAssessmentInner AdditionalData problem

Hi, We want to migrate from https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-containers-vulnerability-assessment-azure to https://learn.microsoft.com/en-us/azure/defender-for-cloud/agentless-vulnerability-assessment-azure which is…

Azure Container Registry
An Azure service that provides a registry of Docker and Open Container Initiative images.
414 questions
Microsoft Defender for Cloud
asked 2024-02-06T16:43:07.3533333+00:00
Schnider Michael 26 Reputation points
commented 2024-04-08T05:53:29.6166667+00:00
Wu, Jeff 0 Reputation points
0 answers

Windows Defender MpCmdRun.exe Custom Scan Automation Job Failing intermittently in Production Environment using TeamCity Tool

Hello Microsoft Community, We are currently facing an issue with our TeamCity build automation, specifically related to the custom virus scan using the MpCmdRun.exe command-line utility. Our setup involves executing the command: MpCmdRun.exe -Scan…

Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,538 questions
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,409 questions
Microsoft Defender for Cloud
Microsoft Defender for Identity
Microsoft Defender for Cloud Apps
asked 2024-02-05T02:04:28.9966667+00:00
Vamshi Krishna 0 Reputation points
commented 2024-02-21T11:51:39.01+00:00
Givary-MSFT 29,351 Reputation points Microsoft Employee
0 answers

Can be onboarded

In the security.microsoft.com portal, many devices' onboarding status is showing as "can be onboarded". Let me know how to change the status to onboarded.

Microsoft Defender for Cloud
asked 2024-01-04T16:14:59.0433333+00:00
Balayuvaraj M 51 Reputation points
commented 2024-02-02T08:51:24.77+00:00
Givary-MSFT 29,351 Reputation points Microsoft Employee