171 questions with Microsoft Defender for Identity-related tags

Sort by: Updated
Updated Created Answers
1 answer

How to fully Uninstall/Clean-up Microsoft Defender Endpoint

Hello, We are having issues trying to use a migration tool to move our devices to another Microsoft tenant. It seems to be struggling gaining access and deleting a regkey that is link to a service for MDE. The tool is running and using the system…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,249 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,640 questions
Microsoft Q&A
Microsoft Q&A
Use this tag to share suggestions, feature requests, and bugs with the Microsoft Q&A team. The Microsoft Q&A team will evaluate your feedback on a regular basis and provide updates along the way.
644 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
26 questions
asked 2024-06-27T13:23:57.6933333+00:00
Dan Beeney 0 Reputation points
commented 2024-06-28T15:08:27.03+00:00
Dan Beeney 0 Reputation points
2 answers

Security Recommendations for LAPS are outdated

These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually…

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,979 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,489 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2023-06-28T10:54:09.08+00:00
ADM-Griffin2, Jay 121 Reputation points
edited a comment 2024-06-28T10:21:29.89+00:00
Daniel Wilkins 0 Reputation points
0 answers

Hunting: why some quiries is not working like user name, InitiatingProcessCommandLine , user Id and a lot of them thee is redline under it while it is correctly connected with intune and avaliable

example and most of my quries is like this

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,249 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,640 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
118 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
26 questions
asked 2024-06-25T23:26:27.2666667+00:00
Abdelgalil, Mohamed 0 Reputation points
commented 2024-06-27T14:09:33.48+00:00
Akshay-MSFT 17,411 Reputation points Microsoft Employee
0 answers

Well I just not able to remove the (DOS/Hurri) virus from my pc , what should I do ?

This is what I am getting

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-17T04:33:19.02+00:00
Manvendra Singh 0 Reputation points
edited the question 2024-06-17T04:34:27.5966667+00:00
Manvendra Singh 0 Reputation points
1 answer

how to disable Microsoft Defender SmartScreen

Blocking Battlenet downloads!

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-16T13:46:20.0966667+00:00
Steve Birch 0 Reputation points
answered 2024-06-16T14:35:45.49+00:00
Marcin Policht 16,420 Reputation points MVP
0 answers

Microsoft Defender

Hi Team, Wonder if you could help, please. We're exploring the functions within the Attack Simulation module in Microsoft 365 Defender. When Configuring the simulation, under Send end user notification, we get multiple options for delivery preferences…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-15T23:51:14.7066667+00:00
Dipen Soni 0 Reputation points
0 answers

HackTool:Win32/AutoKMS Alert detected for VB.Net Exe

.Net EXE is flagging for Win32/AutoKMS. By checking the code we do not see anything which should be a problem: Please suggest on what should be done further on this

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-12T06:38:40.1733333+00:00
Vijayalakshmi Puranik 0 Reputation points
edited the question 2024-06-12T09:12:24.9333333+00:00
Jiachen Li-MSFT 28,001 Reputation points Microsoft Vendor
1 answer

Defender Self loop back VPN + Company VPN

Hello everyone, I'm currently working on iPhone enrollment with the Company Portal and Defender iOS app. I appreciate Defender's local VPN option as it adds web protection, but I noticed when I activate my company VPN (needed for some apps), the…

Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
693 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
369 questions
Microsoft Intune iOS
Microsoft Intune iOS
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.iOS: An Apple mobile operating system.
201 questions
Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,299 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-05T08:35:11.75+00:00
Loïc 85 Reputation points
answered 2024-06-11T10:17:34.9+00:00
Miguel Gonçalves | AVANADE 811 Reputation points
8 answers

OpenSSL vulnerabilities showing in Defender Dashboard

We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,249 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
118 questions
asked 2023-09-22T20:14:57.2433333+00:00
Jeff Thorne 40 Reputation points
edited an answer 2024-06-11T07:59:39.7466667+00:00
Ronald Bok 0 Reputation points
1 answer

Microsoft.Tri.Sensor.Updater.exe Sensor

Hi, How install sensor in DC server. Need to know any troubleshooting steps for Microsoft.Tri.Sensor.Updater.exe sensor if possible share the deep dive document about sensor

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-05-15T13:41:37.64+00:00
Balayuvaraj M 51 Reputation points
answered 2024-06-10T13:10:28.5233333+00:00
Catherine Kyalo 655 Reputation points Microsoft Employee
1 answer

Managed installer errors for specific devices

Hello  Please i need your help on this issue. We are trying to roll out Windows Defender Application Control (WDAC) to the devices however, when we enabled the managed installer it is failing on some of the devices. When I export the devices status the…

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,979 questions
Microsoft Configuration Manager Updates
Microsoft Configuration Manager Updates
Microsoft Configuration Manager: An integrated solution for for managing large groups of personal computers and servers.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
1,003 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,781 questions
Microsoft Intune Updates
Microsoft Intune Updates
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Updates: Broadly released fixes addressing specific issue(s) or related bug(s). Updates may also include new or modified features (i.e. changing default behavior).
90 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-07T03:38:07.8466667+00:00
Iniobong Nkanga 1,691 Reputation points
answered 2024-06-10T01:32:15.4866667+00:00
Xenia-MSFT 545 Reputation points Microsoft Vendor
0 answers

ResourceNotFound for defender for Identity incidents

Hi, we are trying to get Defender for Identity incidents using this: curl -X GET https://api.security.microsoft.com/api/incidents/{} -H "Accept: application/json" -H "Authorization: Bearer <>" -H "Content-Type:…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-06-07T06:00:53.2533333+00:00
itay4 36 Reputation points
0 answers

How to get the impacted asset (user or client) when fetching alerts (v2) from Defender using API?

Hello, I followed this documentation to list alerts from Defender https://learn.microsoft.com/en-us/graph/api/security-list-alerts_v2?view=graph-rest-beta&tabs=http While I am getting the output, it is very different from when I fetch the alerts…

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,183 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,249 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
118 questions
asked 2024-05-30T13:30:38.1333333+00:00
Rawad BASSIL 0 Reputation points
edited the question 2024-06-06T06:12:59.9466667+00:00
Rakesh Gurram 5,070 Reputation points Microsoft Vendor
0 answers

Please allow subscriptions on new Alerts API (/alerts_v2)

Hi, To automate the remediation of high-level alerts, we have set up Powerautomate flows for : revoke sessions and block a user concerned by a High alert in cases of phishings or abnormal connections (UserEvidence) isolate workstations in cases of…

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,183 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-05-28T14:04:05.0833333+00:00
Roch AUBURTIN 0 Reputation points
edited the question 2024-06-06T05:07:53.86+00:00
RNareddy 915 Reputation points Microsoft Vendor
2 answers

Not allowing to connect Sentinel Data connector with Defender XDR

Hello, I was trying to connect the "Microsoft Defender XDR" connector with "Microsoft Sentinel", but I am facing the below error. I am not sure why Sentinel is not allowing to establish the XDR connector. As I am the Owner of the…

Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,036 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-05-08T12:07:43.2433333+00:00
Karan Bhatt 27 Reputation points
commented 2024-06-04T20:50:35.54+00:00
James Hamil 22,891 Reputation points Microsoft Employee
1 answer

Microsoft Endpoint DLP

If I want to Deploy Microsoft Endpoint DLP in my organization? What kind of licenses do I required. I already have Business basic & Business Standard licenses with me will that work?

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-05-28T08:38:33.7666667+00:00
Vinod Tembe 0 Reputation points
answered 2024-06-04T10:07:31.0766667+00:00
Catherine Kyalo 655 Reputation points Microsoft Employee
2 answers

A Microsoft Intune license was not found

I'm trying to enable defender for endpoint and I'm getting this error. I already have E3 license assigned to me. How to fix this?

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2023-08-16T15:30:08.98+00:00
Rishineken Pongen 166 Reputation points
commented 2024-05-29T19:09:54.4633333+00:00
Hamed, Ali 0 Reputation points
1 answer One of the answers was accepted by the question author.

No License Found - Microsoft Defender

Hi there, I am seeing the following message when opening Microsoft Defender on a Mac (deployed via Intune). We do have Defender license assigned to user via Business Premium. We already have set section 1 set to Windows 10 and 11 in Microsoft Defender…

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,781 questions
Microsoft Intune MacOs
Microsoft Intune MacOs
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.MacOs: A family of Apple operating systems for the Apple Mac line of computers.
76 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
118 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,270 questions
asked 2024-05-17T15:46:34.9233333+00:00
Anam Ahmed 61 Reputation points
commented 2024-05-22T01:11:00.07+00:00
Xenia-MSFT 545 Reputation points Microsoft Vendor
1 answer

Visual Studio blocked by MS Defender

Microsoft defender blocked visual studio 2022 ( C#) and I can't enter windows forms, console, etc. Please help.

Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
4,808 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,249 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
118 questions
asked 2024-05-18T09:09:30.3366667+00:00
Pepe 0 Reputation points
answered 2024-05-20T07:33:09.3466667+00:00
Anna Xiu-MSFT 27,471 Reputation points Microsoft Vendor
0 answers

ImpossibleTravelActivity query filtering out "non-interactive sign-ins"

Since Microsoft disabled all useful policies like Impossible travel i created new custom rule. BehaviorInfo   | where ActionType == "ImpossibleTravelActivity" | join BehaviorEntities on BehaviorId So now the issue is that i cannot find how to…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
171 questions
asked 2024-05-15T08:04:41.3166667+00:00
Trifonov, Vladimir 0 Reputation points