1,147 questions with Microsoft Defender for Cloud-related tags

Sort by: Updated
2 answers

Want to know Defender CSPM standard plan features in detail.

Want to know Defender CSPM standard plan features in detail. Can anyone help from where i can get the elaborated features details of CSPM standard plan. Below are the features which we have in CSPM standard plan. 1.Identity and role assignments…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2023-05-11T15:17:40.99+00:00
Prateek Rana 60 Reputation points
commented 2024-03-18T23:02:34.4333333+00:00
Serge 41 Reputation points
1 answer One of the answers was accepted by the question author.

Azure defender for cloud

Currently Azure defender for cloud helps us to check the NIST compliance. I am wondering what additional security measures Azure defender for cloud offers. For example, does it have extra measure to fight against Bots/DDoS Attacks, or does it scan our…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-14T19:38:31.1533333+00:00
Yanping Sun 100 Reputation points
accepted 2024-03-18T19:12:20.7566667+00:00
Yanping Sun 100 Reputation points
0 answers

Request for Assistance: Identifying the Optimal Method for Data Filtering and Management

Dear Team, I hope this message finds you well. I am reaching out to seek your expertise and insights regarding a crucial aspect of our data management process. Background: We are currently working on optimizing our data filtering and management pipeline,…

Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
8,854 questions
Outlook
Outlook
A family of Microsoft email and calendar products.
2,740 questions
Azure Data Explorer
Azure Data Explorer
An Azure data analytics service for real-time analysis on large volumes of data streaming from sources including applications, websites, and internet of things devices.
472 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-18T16:38:51+00:00
YASHWANTHINI GANTA 0 Reputation points Microsoft Employee
0 answers

Microsoft Defender for Cloud - exclude ARC enabled machines

Hi all, I have a mix of normal vms and arc-eneabled machines in my subscription. The arc-enabled machines already have enpoint protection software installed so endpoint protection through MDFC is not needed for these machines. I was wondering if I can…

Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
872 questions
Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
299 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-18T14:02:10.5933333+00:00
NIJSTEN Stephen 20 Reputation points
1 answer

Compliance policies not evaluated for every device in Microsoft Intune.

Hi, I've recently been tasked with updating all of our endpoints to have Microsoft Defender for Endpoint. We have upgraded to Business Premium licenses which come the MDE and Intune. I've successfully onboarded 4 devices for testing through MDE, and the…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,156 questions
asked 2024-03-14T17:46:09.8333333+00:00
Deon Williamston 0 Reputation points
commented 2024-03-18T12:36:53.1033333+00:00
Givary-MSFT 26,281 Reputation points Microsoft Employee
2 answers

I am receiving this notification from the Defender "Insecure Azure storage account connection string"

I am receiving this notification from the Defender "Insecure Azure storage account connection string" Defender for Cloud found a plaintext storage account connection string. It is important to secure the connection string to avoid its leakage…

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,581 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-14T08:31:19.06+00:00
Pradeep Khantwal 20 Reputation points
edited an answer 2024-03-18T08:46:58.1066667+00:00
Nehruji R 1,111 Reputation points Microsoft Vendor
1 answer

Does the Azure monitor agent collect logs with default settings?

Hello! I have the scope of Azure Arc-enabled servers (on-premise, not Azure VM). There are Azure monitor agents (AMA) installed, so I think that when AMA was deployed, then logs started to be sent to our workspace. I see on the Data collection rules…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,714 questions
Azure Arc
Azure Arc
A Microsoft cloud service that enables deployment of Azure services across hybrid and multicloud environments.
299 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-14T11:40:26.8133333+00:00
Oleksandr Romaniuk 465 Reputation points
commented 2024-03-18T07:58:41.9633333+00:00
Oleksandr Romaniuk 465 Reputation points
1 answer

differences between 2 trusted IP ranges in Azure

There are multiple places in Azure one can define trusted IP ranges. Two of them are: Security Portal\settings\cloud apps\IP address rages Entra portal \ security \ named locations What are differences between these 2 lists? Which one is used as…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,951 questions
asked 2024-03-13T14:47:04.05+00:00
John L 21 Reputation points
answered 2024-03-17T06:59:56.4766667+00:00
Akshay-MSFT 15,556 Reputation points Microsoft Employee
4 answers One of the answers was accepted by the question author.

NIST checklist

Hi, we are trying to comply with NIST standard. Microfost Defender for Cloud offers NIST checklist. While I working through the list, I am quite confused. One of the failure item is 'Azure Defender for servers should be enabled' which is in regards to…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-06T15:22:26.87+00:00
Yanping Sun 100 Reputation points
accepted 2024-03-15T21:03:29.7233333+00:00
Yanping Sun 100 Reputation points
1 answer

Is there a way to block "Microsoft Azure PowerShell" for all users?

Greetings, I'm afraid that this one can't be blocked by design, but I will ask anyway. Is there a way to block login attempt from Microsoft Azure PowerShell? We are constantly probed from all around the world, and I can't see to figure out how to block…

Azure Information Protection
Azure Information Protection
An Azure service that is used to control and help secure email, documents, and sensitive data that are shared outside the company.
501 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
301 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,951 questions
asked 2024-03-14T20:59:31.23+00:00
Andy Goldberg 0 Reputation points
edited a comment 2024-03-15T15:37:25.8666667+00:00
Andy Goldberg 0 Reputation points
0 answers

How can I exclude salesforce chrome extension from conditional access app control policies

I'm testing Salesforce app monitor using MCASB session control policies. To redirect Salesforce app access to MCASB, I created conditional access policies with conditional access app control. Salesforce team is using chrome extension that stop…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,951 questions
asked 2024-03-15T11:28:42.48+00:00
Oscar Rodrigues 0 Reputation points
0 answers

Inventory PST files based on computers in the Organizational Unit (OU) in Active Directory

Hello, I'm looking for a script/tool to collect information on all PST files located in user computers. What is the best and most efficient way to accomplish this?I have an inventory with this informations : ComputerName,UserName,EmailAddress,Pst File…

Microsoft Exchange Online
Microsoft System Center
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
777 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
1,920 questions
asked 2024-02-19T13:36:01.21+00:00
APTOS 216 Reputation points
commented 2024-03-15T11:05:34.9233333+00:00
Catherine Kyalo 240 Reputation points Microsoft Employee
0 answers

I am receiving this notification from the Defender "Insecure SSH private key"

I am receiving this notification from the Defender "Insecure SSH private key" Defender for Servers found a plaintext SSH private key that is part of a pair. It is important to secure the private key to avoid its misuse or leakage. But on the…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-14T08:28:38.85+00:00
Pradeep Khantwal 20 Reputation points
commented 2024-03-15T06:46:05.8066667+00:00
Givary-MSFT 26,281 Reputation points Microsoft Employee
1 answer

Missing options in Microsoft Defender Dashboard alert investigation

Hello all, I miss some options in the Alerts investigation of the Defender Dashboard. When investigating DLP related alerts, I was able to read the document which triggered the alert where the sensitive info was contained and sometimes the surrounding…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-01-30T11:36:19.6333333+00:00
Josep Marzo 20 Reputation points
commented 2024-03-14T13:26:32.7133333+00:00
Josep Marzo 20 Reputation points
1 answer

Segregate management and operations of Defender for Cloud

I have a business requirement to segregate the management and operations of Defender for Cloud for multiple subscriptions in a single tenant structure. Currently for all subscriptions, Defender for Cloud is managed by users assigned with Security Admin…

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
634 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-13T08:04:43.1766667+00:00
Faiz Azhar 0 Reputation points
answered 2024-03-14T08:11:08.3133333+00:00
Stanislav Zhelyazkov 19,606 Reputation points MVP
1 answer One of the answers was accepted by the question author.

What is "Log Analytics agent should be installed on virtual machines" recommendation

I have got this recommendation by Defender for cloud - "Log Analytics agent should be installed on virtual machines". As know that log analytics agent is going to be deprecated by 31st August this year. So If I go ahead with this recommendation…

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,714 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-13T16:09:59.7866667+00:00
Shivam Singh 110 Reputation points
commented 2024-03-14T07:53:58.1033333+00:00
Shivam Singh 110 Reputation points
5 answers

OpenSSL vulnerabilities showing in Defender Dashboard

We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
141 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
94 questions
asked 2023-09-22T20:14:57.2433333+00:00
Jeff Thorne 25 Reputation points
commented 2024-03-13T15:41:18.98+00:00
Bwoo 0 Reputation points
1 answer

How to disable Microsoft Defender for cloud

Hi I'm practicing cloud, currently my subscription ended and I'm on pay as you go model with Basic Plan. Now Issue is this Microsoft Defender from cloud is costing me a lot almost half of my bill as per cost analysis. Considering I'm not using cloud for…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2023-10-31T05:14:11.2533333+00:00
3go 0 Reputation points
commented 2024-03-13T12:50:06.3366667+00:00
yogendra chauhan 0 Reputation points
1 answer

WHEN was device onboarded to defender?

Hello I am attempting to see WHEN our devices were onboarded to defender, like a date and time. I can see there is a "First Seen" but that refers to a "when the device was first seen in the network or when it's first reported by the…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-12T06:28:51.8233333+00:00
Aaron 0 Reputation points
answered 2024-03-13T10:29:30.1133333+00:00
Givary-MSFT 26,281 Reputation points Microsoft Employee
0 answers

Why is that exempted pods show up on affected pods list?

I configured disable rule on "Azure running container images should have vulnerabilities resolved" by specifying their image digests but I still see the the images on affected pods list. Why is that?

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,810 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,147 questions
asked 2024-03-08T09:24:36.1233333+00:00
Eskedar Workeneh 5 Reputation points
commented 2024-03-12T23:47:38.4533333+00:00
kobulloc-MSFT 22,226 Reputation points Microsoft Employee