178 questions with Microsoft Defender for Identity-related tags
Can we exclude Remediated Risk state alerts in Identity Protection
We have Risk state as Remediated in the Sign in log tables. Can those alerts be excluded or should we monitor and investigate them under certain conditions with Authorization details etc.
edit severity forwarding/redirect rule from informational to High
Hiya, we have an information alert regarding forwarding/redirect rule. We are not firing emails off for informational else we would be swamped with emails. Is there a way to change this forwarding/redirect rule. to high rather than informational , or is…
Track change on DC with Defender for Identity?
We have 2016 Domain Controllers and Auditing is enabled. We are trying to configure/deny read permission, for members of a group, over the Domain Admins group in Active Directory. But something is removing that change after some time. I can find…
Exchange Auto forwarded message report filter?
Hello, We currently utilise the Auto forwarded message report Auto forwarded message report feature on Exchange (Reports > Mailflow > Auto forward message report). We are alerted into Defender for any new auto-forward rules set up in our estate…
How to get defender for cloud plans activated for a long analytics workspace through powershell?
Hello everyone, I am trying to get the defender for cloud plans activated for a log analytics workspace through powershell, but there is no such command in powershell to get that. Can anyone help me with this would be highly appreciated. Thanks in…
All browser issue - Error processing SAML - Please contact your support
I've been trying to log onto our Pitney Bowes site all week and can't. I keep getting this error My laptop is the only one getting it. The other laptop and even my cellphone can login. Pitney Bowes can't figure it out. After 6 days, I gave up with them.…
What is Microsoft recommended secure score for m365 defender workloads includes MDO, MDE, MDI and MDCloudApps?
What is Microsoft recommended secure score for m365 defender workloads includes MDO, MDE, MDI and MDCloudApps? How to make sure everything is in place in terms of securing environment?
How to export reports from Microsoft 365 defender which are highlighted in below screenshots via PowerShell or any other way for the same?
How to export reports from Microsoft 365 defender which are highlighted in below screenshots via PowerShell or any other way for the same? See below screenshot for reference.
Problem on status update in security score (Recommendation) Microsoft 365 Defender portal
I've made some security recommendations in Microsoft 365 Defender portal. My first question is after fixing which status I should assign? Second, Why the status didn't change to "Complete" and give a related score? (items was fixed more than…
Onboard Defender for Endpoint without AD
Hello Is it possible to onboard a Windows 10 machine to Defender for Endpoint that is not connected to Active Directory and not Azure AD Hybrid joined? Thanks
I used a third party app to disable security and now the firewall and security are not working.
I used a third party app to disable windows security. Now it is not turning on. I even uninstalled the software and updated windows .. used CMD to repair but still not working. Windows Defender, Firewall and Windows Security all are not working. please…
Issues with Defender for endpoint configuration
Hello, I wanted to ask few questions regarding the Microsoft defender and Intune We have 75 test licenses (25 from business premium and 50 from endpoint plan 2 which as far as i know are two separate ones with different functionality) Below things…
About SOC service
I want to Know what SOC exactly is? Is it a part of Microsoft 365 ? IS it a Group of member or Feature? Where can I find it in M365 tenant? Can It still be available in Business Premium Subscription? IS it a cost service? Please help me to know about SOC
I can't use Defender for endpoint on Android
I tried Defender for Endpoint for 3 months, but I got an error "working profile is not available" when logging into my account on my Android device. In the meantime, my defender for endpoint has given permissions to azure, what should I do?
After activating trial of Microsoft Defender for Office 365
Hello. Please i need your help on this issue. Since we activated trial of Microsoft Defender for Office 365 (Plan 2) for our tenant we cannot open link in Teams desktop app on Windows server 2016 (Citrix). Could you please tell me where to turn off…
License for managing the Microsoft 365 Defender portal.
I am an administrator managing the Microsoft 365 Defender portal. Do I need a certain level of Microsoft 365 license for the account I use to sign in to the portal to do the job or Microsoft 365 Business Basic is good enough?
Ceritication Expiration
Hello, I have passed the MS-100 exam on February 28, 2022. And the MS-101 on September 28, 2022. I am planning to pass the MS-203 on September 27 this year. Do I have to pass the MS-203 before the passing date of the MS-100 exam (less than one year) to…
Quarantine notification via Transport Rule
Hello, I work in a SOC and I'd like our team to be notified whenever an employee from a VIP group, has one of their emails quarantined. I do not know of any way that Defender can do this - currently it only notifies the recipient that their mail has been…