198 questions with Microsoft Defender for Identity-related tags
Security Recommendations for LAPS are outdated
These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually…
Fake Copy/Paste (copy text - paste example TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH)
I use exclusively MS products on different servers at the same time. But for more than a year now I have been suffering from a problem with copying text. The problem is that after copying the text, the following TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH…
Audit and monitor removable devices from intune
Hello Team, I'm configuring an ASR rule to audit removable devices as the following: I need to know how to get these audits, I didn't find anything related to this policy in the surface attack reduction reports. Thanks, Alaa ELrayes
MDATP for MacOS doesnt fetch DeviceAAD ID info from Mac endpoints
Hello, Could you please help us to identify what caused the problem? We have a problem with MDATP fetching DeviceAADID for MacOS devices. I don't see such information from onboarded devices in Security Microsoft Portal. It doesn’t connected with macOS…
Secure Score wants me to disable delegation on my Domain Controller computer accounts
originally posted on the Office365 'answers' forum but I was told that was not the correct place and I should post it here instead. Microsoft Secure Score flagged a number of 'privileged' accounts on my AD domain that were set to allow delegation. I…
W11 - Virus & Threat Protection
Hi, When I disable "Automatic sample submission" (see below) I receive periodic popups that the device may be vulnerable (see below), and it remains the same until I "Dismiss". Is there any workaround to NOT show this popup…
Package fails to install for Windows 2016 endpoints in Microsoft Defender for Identity
Problem with enroling Windows 2016 devices in Microsoft Defender for Identity As part of moving from a third party AV to defender (2019 and 2022 work fine). PowerShell Running the installation package fails on 2016 for multiple servers All available…
How to change Microsoft attack simulator Training Language
Hello, I need some help in the ability to change the Microsoft Attack Simulator Video training from the default of English to a foreign language. The chosen video training does support the language but I have been unsuccessful in finding the setting in…
Where to install Defender for Identity Sensor for VPN Integration
We have followed the steps in this document https://learn.microsoft.com/en-us/defender-for-identity/vpn-integration to setup VPN Integration for Defender for Identity. However we don't see the sensor receiving any data. As per the document we have added…
Defender Attack Simulation is sending duplicate training notifications
The attack simulation in defender is sending out the duplicate training notifications, when a user is compromised, immediately after the first. Is there something in the set up that I'm missing?
MS Defender - How to manage Tenant Allow/Block Lists with graph api
Hi, I'm trying to create an integration to block certain URLs on Microsoft Defender with the Graph API. After looking into the documentation, I found this endpoint:…
Microsoft Purview Audit Log - Send Microsoft Defender XDR activities to Sentinel
Hello everyone! I would like to forward the Microsoft Defender XDR activities and Microsoft Defender for Identity activities (https://learn.microsoft.com/en-us/purview/audit-log-activities#microsoft-defender-for-identity-activities) from the Microsoft…
Microsoft Windows Server 2019 - Advanced auditing
Any chance a windows expert could assist with with advanced auditting group policy? it is turned on and shows the correct settings when i run an auditpol but when i do an rsop check, Advanced Auditing is missing under this check. When i perform an MDI…
Issue with Azure Identity Validation - Minimum 3-Year Requirement
We’re currently facing an issue with Azure’s identity validation process for our organization, Toeverything, which is based in Singapore. We’ve submitted the required documents, including: Organization name, address, and contact details Domain…
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
Defender for Identity - Directory Services Advanced Auditing is not enabled
Hi Everyone, We have followed the following guide from Microsoft in regards to enabling "advanced auditing" for Defender for Identity: https://learn.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection However, we keep…
When a Computer slows down?
Need to know what questions are important to solve a problem of a slow down computer with windows 10
Accessibility of Microsoft Applications
Hi Community, I have been facing an issue with the accessibility settings on my mobile device for some of the microsoft apps like authenticator, defender, link to windows and launcher. When I turn the access on for them after some time it is turned back…
Office 365 Attack Simulator
I want to run an Office 365 attack simulation training phishing test in a Customer. According to the article below, I need either one of these licenses: Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2…
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veam as their is malware in file
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veaam as their is malware in file how we can make them whit list as these are legitimate files as…