Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
A tool that provides visibility, control, and threat protection for cloud-based applications and services
Anyone?
??
Repeatedly having "Multiple failed user log on attempts to an app" incidents and alerts
Pavel yannara Mirochnitchenko
13,426
Reputation points MVP
I have cloud-only environment without local Active Directory and after Defender for Cloud Apps was implemented, only one policy generates these "Multiple failed user log on attempts to an app" alerts and incidents all the time. Is this a known behavior? I noticed, that desktop computer without Hello for Business enabled does not generate it, but all laptops having fingerprint and face recognition do generate it.
I can't identify any problems in use, only thinking is there a conflict of having WHFB enabled together with this alert policy?
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
2 answers
Sort by: Most helpful
-
Pavel yannara Mirochnitchenko 13,426 Reputation points MVP
2023-06-20T18:04:24.13+00:00 -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(313.6, 2%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERD%3C/text%3E%3C/svg%3E)
Ramon Diaz 0 Reputation points2023-09-18T14:17:08.73+00:00 I have the same problem, but can't find an answer either. anyone?