![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 99%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
1,564 questions
Hi @Sakshi Singh , it looks like these are used for data collection by Microsoft Defender for Cloud. Microsoft Defender for Cloud collects data from your virtual machines (VMs) to assess their security state, provide security recommendations, and alert you to threats. When you first access Defender for Cloud, data collection is enabled on all VMs in your subscription. Microsoft Defender for Cloud collects and processes security-related data, including configuration information, metadata, event logs, crash dump files, and more. If excluding the C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\DataCollection location from scanning resolves the memory consumption issue, it is possible that the scanning of these files is causing the issue. We can always open a ticket to look at your environment if this is the case. Please let me know if you have any questions and I can help you further. If this answer helps you please mark "Accept Answer" so other users can reference it.
Thank you,
James