1,423 questions with Microsoft Defender for Cloud-related tags

1 answer

How do I track a user's browsing activities in Intune or Defender?

Dear All, I would like to review a user's browsing history. In Defender advanced hunting, I had entered the following queries (from Copilot), but when I run them, there is no data returned. Does anyone know how to modify the code so that it returns the user browsing…

Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,423 questions
asked Oct 11, 2024, 7:32 AM
Yong Chin Kuo 0 Reputation points
commented Nov 22, 2024, 11:23 PM
James Hamil 25,866 Reputation points Microsoft Employee
0 answers

OpenSSL vulnerabilities in Defender for latest version Microsoft Products

My org has several OpenSSL vulnerabilities for OneDrive and Azure Disk Encryption. The CVEs are CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, and Defender was said to fix inaccuracies with these last month (Sept. 2024).…

Microsoft Defender for Cloud
asked Oct 15, 2024, 8:07 PM
Zach Hyman 80 Reputation points
commented Nov 22, 2024, 4:02 PM
Austin Eschweiler 0 Reputation points
0 answers

Microsoft XDR (Defender) - How to export - Advanced Hunting - Custom Detection Rules

Hello everyone, Our team is trying to export the Custom Detection Rules. We have more than 50 rules, so we need an automated process that allows us to export and import the rules. Currently, we see that the API function that allows this is still in beta:…

Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,379 questions
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets. Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,940 questions
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications. Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,857 questions
Microsoft Defender for Cloud
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection. Training: Instruction to develop new skills.
50 questions
asked Nov 7, 2024, 3:08 PM
viri4to 10 Reputation points
commented Nov 22, 2024, 1:36 PM
viri4to 10 Reputation points
0 answers

How to fix Critical/High/Medium vulnerabilities for OpenSSL for months now

We got notified of new Critical/High/Medium vulnerabilities for OpenSSL for months now, this time showing us hundreds of affected files ranging from AImeeting, MicrosoftPaint, OneDrive, Nvidia, Cisco apps, Intel, the list goes on. I'm beginning to…

Microsoft Defender for Cloud
asked Nov 22, 2024, 1:33 PM
Omowunmi Aderemi 0 Reputation points
2 answers One of the answers was accepted by the question author.

Azure secure score

Hi, We have issues regarding Defender for Cloud and secure score. There has been a massive drop the latest month. What specifically is the issue or changes that you have made? We also need information if there will be any new changes. We have customers…

Microsoft Defender for Cloud
asked Nov 13, 2024, 8:42 AM
Karoline Hille 20 Reputation points
accepted Nov 22, 2024, 8:39 AM
Karoline Hille 20 Reputation points
1 answer One of the answers was accepted by the question author.

Filter by Alert Name on Security Microsoft

How can we filter based on alert name on security.microsoft.com?

Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,302 questions
Microsoft Defender for Cloud
asked Nov 21, 2024, 1:45 AM
Handian Sudianto 5,401 Reputation points
accepted Nov 21, 2024, 11:29 PM
Handian Sudianto 5,401 Reputation points
0 answers

Defender is not publishing the docker image health status even after 3 hrs

I could see Azure Defender cloud is not publishing the health status of docker images which got pushed to the ACR repository even after 3 hrs. This keeps happening for multiple images randomly. I have raised multiple complaints, not getting a proper and…

Microsoft Defender for Cloud
asked Nov 12, 2024, 1:14 PM
jomi ca 0 Reputation points
commented Nov 21, 2024, 4:26 AM
jomi ca 0 Reputation points
2 answers

How to disable Microsoft Defender for Cloud on VS subscription

I am using a Visual Studio subscription. My Synapse and Azure SQL resources use Microsoft Defender for Cloud, and I am unable to disable this for these resources. As a result, most of the costs are associated with Defender for Cloud, causing my VS…

Microsoft Defender for Cloud
asked Aug 6, 2024, 8:35 PM
Bhargava-MSFT 31,121 Reputation points Microsoft Employee
edited a comment Nov 20, 2024, 6:03 PM
Swathi Chidurala 0 Reputation points
1 answer One of the answers was accepted by the question author.

"Disabled accounts with X permissions on Azure resources should be removed" is Showing Active Accounts

I review our Microsoft Defender Secure Score for each of 3 subscriptions weekly and noticed a huge reduction in one of them. The following are the recommendations for this subscription in particular: "Disabled accounts with read and write…

Microsoft Defender for Cloud
asked Nov 12, 2024, 4:08 PM
Cusimano, Joey 80 Reputation points
commented Nov 19, 2024, 5:25 PM
Cusimano, Joey 80 Reputation points
1 answer

How do I onboard my device into MDE without the MDE service and SENSE service running?

Hi all, I was wondering if someone knew how I can install Defender for Endpoint on my device. I tried installing MDE using the onboarding package (local script for Windows 10/11), but it keeps returning this to me: Starting Microsoft Defender for…

Microsoft Defender for Cloud
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
213 questions
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
151 questions
Microsoft Defender for Endpoint Training
asked Nov 19, 2024, 9:32 AM
Geert _vdb 0 Reputation points
edited an answer Nov 19, 2024, 10:03 AM
Givary-MSFT 33,706 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

MS Defender Automated Simulation Training: How to have new users to live attack simulation training

Hi, I am trying to set up MS Defender attack simulation training for staff. I have a number of queries regarding setup. 1: We have a live training campaign which we require all new staff members to complete. Please outline the process of having a new user…

Microsoft Defender for Cloud
asked Nov 14, 2024, 11:55 AM
Kieran Heneghan 20 Reputation points
accepted Nov 19, 2024, 9:25 AM
Kieran Heneghan 20 Reputation points
0 answers

Replacing a third party AV with Defender for Cloud

I'm in the process of rolling out Defender for Servers via Defender for Cloud subscription to onboarded ARC on-prem machines (Windows and Linux). The current solution uses a lot of file and folder exceptions. I've rolled out to a few test machines but I…

Microsoft Defender for Cloud
asked Oct 24, 2024, 11:18 AM
Channing, Peter 0 Reputation points
commented Nov 19, 2024, 7:22 AM
Gautam 5 Reputation points Microsoft Employee
1 answer

Difference between Microsoft Defender for Business and Defender for Endpoint?

Hi. Would be pleased to have these answers. Thank you. What is the difference between Microsoft Defender for Business and Defender for Endpoint? Is Defender for Endpoint included in Defender for Business? Is there any limitation in Defender for…

Microsoft Defender for Cloud
asked Nov 13, 2024, 6:46 AM
Israt Jahan Tulin 0 Reputation points
commented Nov 18, 2024, 12:12 PM
Navya 13,055 Reputation points Microsoft Vendor
0 answers

Why does Defender for Endpoint say that the CVE-2013-3900 doesn't exist, and when I see the REG entry, they really exist?

In the Microsoft Defender for Endpoint (MDE) console, when I search for CVE-2013-3900 (WinVerifyTrust), the results show zero vulnerable endpoints. However, mitigating this CVE primarily involves creating a registry entry, and in all the endpoints I’ve…

Microsoft Defender for Cloud
asked Sep 24, 2024, 11:54 AM
Andrew Matheus da Silva Lobo 5 Reputation points
commented Nov 18, 2024, 7:28 AM
Prathista Ilango 95 Reputation points Microsoft Employee
1 answer

Microsoft Defender for Endpoint for US Government customers

Hi, are these endpoints still relevant? I'm having issues configuring them with GCC High. https://learn.microsoft.com/en-us/defender-endpoint/gov#api

Microsoft Defender for Cloud
asked Nov 13, 2024, 4:35 PM
itay4 36 Reputation points
answered Nov 17, 2024, 2:54 PM
itay4 36 Reputation points
1 answer

How can I retrieve both Active and Disabled Vulnerabilities from Azure Defender for Cloud using Graph Query?

Working with the "Azure registry container images should have vulnerabilities resolved" recommendation in Defender for Cloud, my company wants to prevent this rec from affecting our security score, but without setting an exemption for the rec…

Microsoft Graph
Microsoft Defender for Cloud
asked Nov 14, 2024, 7:48 PM
Brian Korzen 0 Reputation points
answered Nov 15, 2024, 12:11 AM
Brian Korzen 0 Reputation points
0 answers

OpenSSL Vulnerability Shown on Microsoft Defender for Cloud Dashboard - OneDrive affected app

An OpenSSL vulnerability has been flagged on one of our devices by Microsoft Defender for Cloud. The vulnerability has listed two dll files as the main culprits (both installed via OneDrive): libcrypto-3-x64.dll libssl-3-x64.dll The OneDrive version…

Microsoft Defender for Cloud
asked Oct 31, 2024, 12:38 PM
Eric Wasike 35 Reputation points
commented Nov 14, 2024, 3:05 AM
Champ 1 Reputation point
0 answers

Can we send Defender for Cloud's logs to Sentinel's LAW without "Defender for cloud connector" configured in Sentinel?

Question: While deploying Defender for Cloud, if we select the same LAW (workspace) that Sentinel is using, do we still need to configure Defender for Cloud connector and configure it in Sentinel? In this scenario, do Defender for Cloud and Sentinel's…

Microsoft Defender for Cloud
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,172 questions
asked Nov 12, 2024, 2:28 PM
Rakesh Singh 270 Reputation points
commented Nov 14, 2024, 2:28 AM
Navya 13,055 Reputation points Microsoft Vendor
1 answer One of the answers was accepted by the question author.

Microsoft Defender for Endpoint not Onboarding

Hello, My team is having trouble onboarding Microsoft Defender for Endpoint because the Advanced Threat Protection Service won't start. It looks like the SENSE service is also not starting and is stuck in START_PENDING. I tried rebooting the device and…

Microsoft Defender for Cloud
asked Oct 30, 2024, 4:38 PM
Trent Nolin 20 Reputation points
accepted Nov 13, 2024, 5:10 PM
Trent Nolin 20 Reputation points
1 answer

Integrating Microsoft Defender for Cloud Apps with Microsoft Defender for Cloud

The CIS Benchmark 2.1 for Azure recommends integrating Microsoft Defender for Cloud Apps with Microsoft Defender for Cloud by selecting the appropriate setting. However, the method described in the CIS document does not work for us as we cannot find the…

Microsoft Defender for Cloud
asked Sep 9, 2024, 8:29 AM
Neha Mittal 0 Reputation points
commented Nov 12, 2024, 3:57 PM
Neha Mittal 0 Reputation points