186 questions with Microsoft Defender for Identity-related tags
Microsoft Defender Device Inventory Export not downloading.
when we try and do an export we get the error shown. Tried edge and chrome and firefox and cant download it. Is there something i can check to see why it wont download?
Can you please provide me the API details for this?
I want to get the Microsoft Message encryption report and Alerts from Microsoft Compliance programatically using API. Manually I do the process in the following way: Message Encryption Report: Link:…
odbc oledb Vulnerability fix in Microsoft defender for endpoint.
We have Win 10 devices onboarded in Defender for endpoint. There are vulnerabilities showing up for for ODBC and OLE DB. We installed version Microsoft OLE DB Driver 18.6.6 and Microsoft OLE DB Driver 18.6.6 still these are reflecting in the…
Translation dosen't work in Microsoft 365 (Document Translation Failed .Please Try again)
Hello , When i try to translate a word document i get the message Bellow : My Office version is : we used E5 licences and the windows version is windows 11 23H2 I have tried many things but still encounter the error up to now. I attempted to…
I have Attack surface reduction
I have create two rules in ASR in one rule i have set audit and in other rule i have set block for same configuration Block executable files from running unless they meet a prevalence, age, or trusted list criterion but when i see report from defender…
How to get the list of CIS benchmark available for each OS in defender?
Hi Team, We are currently using defender for cloud, where we need to understand the SCA capability of defender for each OS and what all CIS benchmarks does it covers for each os. Can we able to get the list of available Benchmarks for Windows, Linux and…
trojan:script/wacatac.h!ml error occurred in our game executable file (.exe).
We received a report from a game user at our company that the game was being deleted as a threat to Microsoft Defender. Our games are distributed with secure signing using Advanced Installer. How can I solve this problem?
The Address you provided is invalid, please provide a valid address and try again!!!
Hi, While I was trying to schedule the SC-200 Exam, I got the error message that the billing address isn't valid. How can I fix this issue. Thanks! Best Regards, Jasmina Jakob
On Microsoft Defender portal, why is my Defender for Identity locked out?
I did create the Microsoft Sentinel as well as created a log analytics workspace. Followed all of the necessary steps. Once in the Microsoft Defender portal, it says that my Defender for Identity is locked out. Why is this? Entra ID Protection has been…
How to prevent "Microsoft defender SmartScreen prevented an unrecognised app" warning for my own python based app
Hi, I developed a python based application for windows and I created a setup exe for installation into Program Files (x86) folder via inno setup tool. My problem is whenever I execute my setup.exe file on another windows device, SmartScreen shows…
Microsoft windows security is deleting a file from IIS WWW root folder.
Hi Team, We have a problem with an application. One of the files from the IIS application configuration file is deleting automatically from windows server 2019. When we checked event logs, the warning is shown as below. Could you please suggest how to…
There was no record of compromised users even though users were compromised
Good Afternoon, I ran an attack simulation with malware attachment and pushed to a specific set of people, I created a payload of my own and some of the users actually opened the attachment to view the content and also downloaded the attachment but it…
Virus' incorrect detection submission is being treated as virus submission wrongly
The software I created was misdiagnosed as a virus by Windows Defender, and I submitted feedback, selecting the "Incorrect detection" option. But the response was to add virus detection to them and now Defender still treats it as a…
Custom Webpage for Devices Isolated by Microsoft Defender
I am an Admin. My Company uses Microsoft Defender XDR. When a Device is Isolated, and the user of the Device opens his Browser, he gets shown a Default Webpage by the Defender. Is it possible to customize a the Default Webpage that is shown to a Device…
Package fails to install for Windows 2016 endpoints in Microsoft Defender for Identity
Problem with enroling Windows 2016 devices in Microsoft Defender for Identity As part of moving from a third party AV to defender (2019 and 2022 work fine). PowerShell Running the installation package fails on 2016 for multiple servers All available…
How to tune Initial access incident to not trigger if there was no successful login
I am getting a significant amount of alerts from detection source AAD Identity Protection on my MS Defender Incident page, that are called "Initial access incident involving one user" and "Multi-stage incident involving Initial access…
Suspend user in Defender User page
Hi, For 2 years i had no issue to suspend a user directly through the incident page in Defender console. Now, the option is not there anymore since Christmas. I opened a ticket with MSFT, but.... you know. Does Something have change for this ? Does…
Why Occurs This Porblem (This App has been blocked by System Administrator) in Domain Network
when we open some Application in our Computer it gives us this problem (This App has been blocked by System Administrator) in Domain Network, Why occurs this problem and how to solve it. Thanks alot.
How to avoid to notify users that this was a phishing alert
I created a phishing attack and sent it to test users. that works, but when the user clicks on the link or provides his crentials, he gots immediately a message saying that it was an alert. The problem is, if I send the alert to a complete department,…
I can't RMS and IRM for use labels with permissions configurations.
Currently, I am responsible for configuring and creating sensitivity labels and label policy. I've already created the labels and label policy, which were published to our test group before being enabled organization-wide. The sensitivity label has…