How does Microsoft 365 Defender detect malware on a user device, and how can I see a detailed report about it?

Dat Truong Manh 41 Reputation points
2021-08-30T08:37:16.357+00:00

Hi All,

Recently the Microsoft 365 Defender on my tenant has detected some malware activity on some devices, but I have a hard time finding where the detailed report on those activities lies.

For instance, in the picture below, I can only see that there are 2 devices that have malware detected, but there is no other information such as which type of malware it is, where the malware is on the device, how M365 Defender detects it, and whether Defender can still detect malware if the device is not Intune-enrolled.

127506-image.png

I hope that someone can give some guidance about this.

Warm regards,
DatTM

PS: I do not know which is the correct tag for this question, so I leave it at windows-10-security.

Windows 10 Security

1 answer

  1. Sarat Chandra 581 Reputation points
    2021-08-30T09:53:34.157+00:00

    Hi DatTruongManh-1313

    Let’s have a look at the alert dashboard in the portal as shown in the ATTACHED PIC. You can navigate to the alert overview by selecting Incidents & Alerts and then selecting Alerts. Note that you can also filter alerts for specific products, like Microsoft Defender for Endpoint, with the built-in filtering capability in the portal.

    127552-defender.png

    Reference: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/alerts?view=o365-worldwide

    If this article helps, please mark this post as helpful.