Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
944 questions
1,194 questions with Microsoft Defender for Cloud-related tags
1 answer
One of the answers was accepted by the question author.
Is there a way to enable Defender for Servers in Azure by resource group within a subscription?
Working on deploying Defender for Cloud and wanting to enable Defender for Servers in Azure on a subscription but don't want all servers within the subscription to have it enabled just yet. Would prefer to target servers in specific resource groups…
Azure
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,194 questions
asked 2024-04-26T14:45:09.53+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 26%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Adrienne Gotwalt
0
Reputation points
accepted 2024-04-26T15:31:13.1966667+00:00
Adrienne Gotwalt
0
Reputation points
1 answer
Time Difference between Intune & defender console
Hello Expert, My query is that I checked and found that the time status on the device in Intune is showing something different, and in Defender it's showing something else. Why is that? Can you please suggest.
asked 2024-04-22T19:44:29.1266667+00:00
TechUST
416
Reputation points
commented 2024-04-26T06:21:06.58+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
ZhoumingDuan-MSFT
7,750
Reputation points Microsoft Vendor
0 answers
How To Remediate Azure Secure Score Recommendations
Hello, I have this is security recommendation showing in Defender for Cloud, "Azure Machine Learning Computes should have local authentication methods disabled", the remediation steps given is to toggle "Enable SSH access" off. I…
asked 2024-03-01T02:36:26.8366667+00:00
Andy Lau Pik Hui
60
Reputation points
commented 2024-04-26T01:30:20.87+00:00
Andy Lau Pik Hui
60
Reputation points
1 answer
Error when using Advanced Hunting
Hello, I have a customer that is getting the error below when using advanced hunting and is unable to search 'EmailEvents' and would like some insight on it? Issue: When using the Advanced Hunting option, the object 'EmailEvents' returns: "Syntax…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 24%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
1 answer
Defender I use GPO Can Switch Config policy On Defender Mange by MDE device configuration management ?
Now plan deploy MDE my PC joins local AD which makes it difficult to manage policy through GPO. Is this possible? If I want to use Switch Gpo policy through Device configuration management MDE?
asked 2024-04-25T09:12:13.4166667+00:00
TECHIT SRIWICHAI
160
Reputation points
answered 2024-04-25T23:04:07.87+00:00
TECHIT SRIWICHAI
160
Reputation points
1 answer
Choosing between Defender for Endpoint and Defender for Server for servers with no internet connectivity
We are planning to migrate from Symantec® Endpoint Security to Microsoft, specifically looking for EDR and XDR features for our On Prem servers that have no connectivity to the internet. Should we use Defender for Endpoint or Defender for Servers? We are…
asked 2024-04-23T07:49:38.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 31%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
milo last
0
Reputation points
answered 2024-04-25T20:12:46.3666667+00:00
James Hamil
21,696
Reputation points Microsoft Employee
5 answers
Defender 365 admin console - Disabled Connected to a custom indicator & Connected to a unsanctionned blocked app rules
I want to know how I can disable these two following alerts : Disabled Connected to a custom indicator Connected to an unsanctioned blocked app I didn't find these alerts on the Alerts Policy of XDR/EPP or Cloud apps. Since all the changed that…
asked 2024-03-21T14:28:41.46+00:00
Étienne Fiset
45
Reputation points
answered 2024-04-25T18:15:54.0566667+00:00
Étienne Fiset
45
Reputation points
0 answers
Logic App - Internal Server Error for HTTP request
Hello, I'm working on a logic app integration with Microsoft Defender for Vulnerability. I use HTTP request to authenticate with Microsoft Defender API. …
asked 2024-04-22T10:52:35.3133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 62%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
Hrabec Pavel
0
Reputation points
commented 2024-04-25T12:36:53.7633333+00:00
Hrabec Pavel
0
Reputation points
0 answers
Run a phishing simulation
No matter what type of simulation I am doing. They are not working.
asked 2024-04-15T18:48:10.51+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 59%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDM%3C/text%3E%3C/svg%3E)
Dennis Machado (Tek Experts)
0
Reputation points Microsoft Vendor
commented 2024-04-25T09:54:24.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 90%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Pauline Mbabu
10
Reputation points Microsoft Employee
2 answers
Defender for Business onboarding endpoint
When running Microsoft Defender Endpoint onboarding for manual device onboarding, the error occurs: Error ID: 15, Error Level: 1. I have already carried out all the procedures in this answer:…
asked 2024-04-22T23:49:47.3833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 20%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMO%3C/text%3E%3C/svg%3E)
Maguino Oliveira - Safety Computer
0
Reputation points
answered 2024-04-25T06:52:45.3166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
27,966
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Defender P2 Qualys Deprecation -> switch to MDE for MDVM
Qualys is being deprecated to be used together with Cloud Defender for Servers Plan 2. In the documentation I read that MDVM is part of MDE, either plan 1 or plan 2. Plan 1 has basic vulnerability scanning and p2 supplies addons to that basic…
asked 2024-04-18T05:07:22.7233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 40%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB8%3C/text%3E%3C/svg%3E)
BartDecker-8243
175
Reputation points
answered 2024-04-25T06:17:07.11+00:00
BartDecker-8243
175
Reputation points
1 answer
One of the answers was accepted by the question author.
Custom detection in MDE
I am trying to create Custom Detection in Microsoft Security Center where my query has multiple Join and summarize statements. Whenever I am running query its providing results but after saving in Custom Detection form and under its results section its…
asked 2024-04-23T12:01:01.1433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 73%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Ankush Kumar
35
Reputation points
accepted 2024-04-24T07:49:17.5166667+00:00
Ankush Kumar
35
Reputation points
2 answers
Snapshot not working for continues export of Defender for Cloud
Hi, I have setup a continues export for Defender for Cloud as described in the following documentation to export all possible data to a Log Analytics workspace using streaming updates and snapshot.…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 49%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
3 answers
Support for Microsoft Defender on on premise Active Directory domain controllers
hi - can you tell us if Microsoft supports or partially supports or does not support Microsoft Defender for Servers/Cloud going onto on premise domain controllers? If there are any special caveants please provide links
asked 2024-04-09T00:47:46.03+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 88%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Tom Minchin
0
Reputation points
answered 2024-04-22T15:11:15.3733333+00:00
obi-wan
0
Reputation points
1 answer
Confused with Module 3 - Policy Management at https://github.com/Azure/Microsoft-Defender-for-Cloud/blob/main/Onboarding/Modules/3-Policy-Management.md#step-3---assign-and-customize-the-mdc-default-policy
Hi, I am reading the onboarding process and reached module 3 at https://github.com/Azure/Microsoft-Defender-for-Cloud/blob/main/Onboarding/Modules/3-Policy-Management.md#step-3---assign-and-customize-the-mdc-default-policy I have already activated all…
asked 2024-03-29T17:09:12.1766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 19%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESE%3C/text%3E%3C/svg%3E)
Salam ELIAS
112
Reputation points
commented 2024-04-22T13:07:12.7933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Monalla-MSFT
11,636
Reputation points
2 answers
Applying azure PCI DSS4 regulatory complaince policy for passwords
Hi, I am trying to assign PCI DSS4 Defender for cloud regulatory compliance policy for passwords - Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords- where count is 24 Audit Windows machines that…
asked 2024-04-16T20:23:01.5533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 32%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIS%3C/text%3E%3C/svg%3E)
Ishan Saxena
20
Reputation points
answered 2024-04-18T20:45:02.7166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Marcin Policht
10,525
Reputation points MVP
7 answers
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
asked 2023-09-22T20:14:57.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 84%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
Jeff Thorne
40
Reputation points
answered 2024-04-18T14:51:14.6833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 15%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
Julio Soza
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Setting Defender for Server Pricing Plan per resource + disable MDE auto-provision
I have some question related Defender for server and the added ability to set the pricing plans on a resource level as well as outlined here:…
asked 2024-04-15T14:25:42.88+00:00
BartDecker-8243
175
Reputation points
accepted 2024-04-18T05:02:11.6733333+00:00
BartDecker-8243
175
Reputation points
1 answer
Can Defender for Endpoint policies and features on Azure Stack HCI hosts be managed by MDE or SCCM?
I am curious whether MDE or SCCM can be used to manage Defender for Endpoint policies and features on Azure Stack HCI hosts. Also, does Azure Stack support the use of ASR rules via Defender for Endpoint? Will enabling ASR impact the functioning of Azure…
asked 2024-04-16T14:22:45.8666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 57.99999999999999%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Jamie Childs
21
Reputation points
answered 2024-04-18T01:16:36.9066667+00:00
vipullag-MSFT
24,111
Reputation points Microsoft Employee
1 answer
How to get the list of CIS benchmark available for each OS in defender?
Hi Team, We are currently using defender for cloud, where we need to understand the SCA capability of defender for each OS and what all CIS benchmarks does it covers for each os. Can we able to get the list of available Benchmarks for Windows, Linux and…
asked 2024-04-08T11:41:37.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 39%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Jayaraman M
0
Reputation points
commented 2024-04-17T01:54:14.4233333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Akhilesh
4,775
Reputation points Microsoft Vendor