23 questions with Microsoft Defender for Endpoint Training-related tags
Unable to onboard some devices in MS Defender
I have 6 devices enrolled in Intune, but only 3 devices are showing as onboarded in the Microsoft Defender portal. The other 3 devices are displaying a status of "Not applicable" in Intune. I am unable to identify any issues causing this…
What pre-built role to read the Microsoft Defender for Endpoint and vulnerabilities
what pre-built role (in intune or Entra ID) can be assigned to read the Microsoft Defender for Endpoint and vulnerabilities, Global Reader and Security Reader can only Read Defender for Identity or Defender for cloud but for some reason can't access to…
Custom detection rule
We see that 90% of the SPAM geared toward students comes from fake Gmail accounts. In Advanced Hunting I created a KQL query to find any Gmail account that sent more than 40 emails from the same account I saved it as a Custom Detection Rule. …
Microsoft Intune connection with defender endpoint grayed out (A Microsoft Intune license was not found. )
I have a dev tenant with E5 Dev license, but i am not able to connect Intune with endpoint defender.
Defender For Endpoint Plan1 with M365 Business Standard
I have Business Standard+ Defender for Endpoint Plan 1. I was trying to enrol a device through Microsoft Defender portal. I went to Settings . But there is no Endpoint option in it. The only options available are Defender Portal , Defender Xdr, Email ,…
Endpoint/Intune Device Enrollment Authorization
Is there a way to create a script in Intune/Endpoint that when a device is trying enrolled with company portal to the tenant, sends or requires an authorization from an admin before completing the enrollment or compliant process? Or a conditional access…
My Microsoft Attack Simulator emails get quarantined when user's report them, why is that?
I am working on creating a phishing simulation for my organization; normally when we have a phishing campaign simulation, we send a copy of our reported emails to our shared security team mailbox. This gives us quick reference for user reports and…
Email notification when a automation investigation has started
Hi all, Is it possible for me as an admin to receive email notification if an automation investigation has taken place on a device / user?
Exception Handling for Defender & Third-Party EDR Conflict
Hello. We are currently operating Microsoft Defender for Cloud (MDC). We aim to comply with one of MDC's recommendations, 'EDR solution should be installed on Virtual Machines.' While Windows machines have Microsoft Defender for Endpoint (MDE) installed…
Defender for Endpoint - Migrating servers from Microsoft Monitoring Agent to the unified solution
Hi, I am following https://learn.microsoft.com/en-us/defender-endpoint/application-deployment-via-mecm but on test machine nothing is happening - machine onboarded to MDEP (Windows Server 2016) using MMA. I think…
VFP7 MICROSOFT VISUAL
Fatal error: Exception code = C0000005 @ 05/08/2024 10:59:06 AM. Error log file: C:\Program Files\Common Files\Microsoft Shared\VFP\vfp7rerr.log
How to secure my network from getting exploit
@Anonymous I have purchased Defender for Endpoint P2 license i want to block hackers to exploit in my network as i dont have firewall installed in my network. Is there any feature in plan 1 or plan 2 which helps in blocking and provide network…
Defender I use GPO Can Switch Config policy On Defender Mange by MDE device configuration management ?
Now plan deploy MDE my PC joins local AD which makes it difficult to manage policy through GPO. Is this possible? If I want to use Switch Gpo policy through Device configuration management MDE?
30 day challenge for security operations analyst cert module numbers inconsistent
I am doing the 30 day challenge for sc-200 Security Operations Analyst. I have done the 53 modules stated in the challenge, however, my status says 53 of 54 modules completed. I have no info how to get to the 54th module if it exists! URL:…
The Address you provided is invalid, please provide a valid address and try again!!!
Hi, While I was trying to schedule the SC-200 Exam, I got the error message that the billing address isn't valid. How can I fix this issue. Thanks! Best Regards, Jasmina Jakob
Mouse and Keyboard installtion blocked by DEfender for Endpoint ASR policy
Hi, I am creating a new policy for removal device protection under Defender for endpoint (ASR). now along with removal storage devices. all mouse and keyboard's are getting blocked. is there a way to exclude such devices from policy?
Microsoft Defender against Palo Alto Cortex
I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There is several articles about this and my first conclusion is, that Defender might have only small weakness against Palo Alto but I…
Defender for Endpoint onboard Google Cloud and AWS machines
Hello Can servers hosted in other platforms like Google cloud and AWS be onboarded to defender for endpoint without using Azure arc? Thanks
What is best way to keep up to date employer's devices?
I'm looking for a solution with minimum administrator effort for keeping up to date on all employer's devices. In the organization, I have about 50 devices that they onboarded to Defender for Cloud's portal. All devices showing on Microsoft Defender…