178 questions with Microsoft Defender for Identity-related tags
Microsoft Defender for Identity required licenses and scope?
Before I turn on everything under the Microsoft Defender for Identity from the https://security.microsoft.com/ portal. I wanted to know if I must enable or purchase licenses like Sentinel and Defender ATP or some other licenses I may have missed here.All…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Well I just not able to remove the (DOS/Hurri) virus from my pc , what should I do ?
This is what I am getting
Endpoint Onbroading question
Hi, I have a question about onboarding powershell command. powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference = 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe',…
Defender Onboarding command
Hi, I have question about defender onboarding command. powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe',…
MS Defender - How to manage Tenant Allow/Block Lists with graph api
Hi, I'm trying to create an integration to block certain URLs on Microsoft Defender with the Graph API. After looking into the documentation, I found this endpoint:…
Something went wrong MDI instance cannot be created
How can I fix the below issue? The MDI instance on my existing tenant was not completed before by my predecessor, hence I deleted the three builtin groups, however, I am still stuck at the above issue, despite the gMSA has been created and the agent…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
Microsoft Defender
Hi Team, Wonder if you could help, please. We're exploring the functions within the Attack Simulation module in Microsoft 365 Defender. When Configuring the simulation, under Send end user notification, we get multiple options for delivery preferences…
HackTool:Win32/AutoKMS Alert detected for VB.Net Exe
.Net EXE is flagging for Win32/AutoKMS. By checking the code we do not see anything which should be a problem: Please suggest on what should be done further on this
ResourceNotFound for defender for Identity incidents
Hi, we are trying to get Defender for Identity incidents using this: curl -X GET https://api.security.microsoft.com/api/incidents/{} -H "Accept: application/json" -H "Authorization: Bearer <>" -H "Content-Type:…
Microsoft Defender for Identity licensing requirement and usage
Hi Folks, After reading this https://learn.microsoft.com/en-us/defender-for-identity/deploy/prerequisites#licensing-requirements Can someone please clarify if I just need to have the below license applied and confirmed to fully use the features in the…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
How to change incorrect classification of PaladinVPN by Microsoft Defender? How to contact the team by email?
We are writing to bring to your attention a matter regarding the classification of PaladinVPN by Microsoft Defender. We have noticed that PaladinVPN has been classified in a manner that we believe to be incorrect. The details of this classification can…
Please allow subscriptions on new Alerts API (/alerts_v2)
Hi, To automate the remediation of high-level alerts, we have set up Powerautomate flows for : revoke sessions and block a user concerned by a High alert in cases of phishings or abnormal connections (UserEvidence) isolate workstations in cases of…
![](https://techprofile.blob.core.windows.net/images/3b270b575c094eeca63e9bc66c861c5a.png)
How to get the impacted asset (user or client) when fetching alerts (v2) from Defender using API?
Hello, I followed this documentation to list alerts from Defender https://learn.microsoft.com/en-us/graph/api/security-list-alerts_v2?view=graph-rest-beta&tabs=http While I am getting the output, it is very different from when I fetch the alerts…
Permission needed to access alert in Microsoft defender
You can’t access this section Sorry, you can’t access this section. Check with your administrator for the role-based access permissions to see the data. I am a global admin and have the security roles assigned
How to fully Uninstall/Clean-up Microsoft Defender Endpoint
Hello, We are having issues trying to use a migration tool to move our devices to another Microsoft tenant. It seems to be struggling gaining access and deleting a regkey that is link to a service for MDE. The tool is running and using the system…
Security Recommendations for LAPS are outdated
These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually…
![](https://techprofile.blob.core.windows.net/images/7EQ5-HY98kGi4i9V9wyPSg.png?8DAAFF)
how to disable Microsoft Defender SmartScreen
Blocking Battlenet downloads!
Defender Self loop back VPN + Company VPN
Hello everyone, I'm currently working on iPhone enrollment with the Company Portal and Defender iOS app. I appreciate Defender's local VPN option as it adds web protection, but I noticed when I activate my company VPN (needed for some apps), the…
![](https://techprofile.blob.core.windows.net/images/mmZjVX7E9E2norR_QCwc-w.png?8DC8CC)
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…