1,201 questions with Microsoft Defender for Cloud-related tags
Defender P2 Qualys Deprecation -> switch to MDE for MDVM
Qualys is being deprecated to be used together with Cloud Defender for Servers Plan 2. In the documentation I read that MDVM is part of MDE, either plan 1 or plan 2. Plan 1 has basic vulnerability scanning and p2 supplies addons to that basic…
Custom detection in MDE
I am trying to create Custom Detection in Microsoft Security Center where my query has multiple Join and summarize statements. Whenever I am running query it's providing results but after saving in Custom Detection form and under its results section its…
Snapshot not working for continuous export of Defender for Cloud
Hi, I have set up a continuous export for Defender for Cloud as described in the following documentation to export all possible data to a Log Analytics workspace using streaming updates and snapshot.…
Support for Microsoft Defender on on premise Active Directory domain controllers
Hi - can you tell us if Microsoft supports or partially supports or does not support Microsoft Defender for Servers/Cloud going onto on premise domain controllers? If there are any special caveats please provide links
Confused with Module 3 - Policy Management at https://github.com/Azure/Microsoft-Defender-for-Cloud/blob/main/Onboarding/Modules/3-Policy-Management.md#step-3---assign-and-customize-the-mdc-default-policy
Hi, I am reading the onboarding process and reached module 3 at https://github.com/Azure/Microsoft-Defender-for-Cloud/blob/main/Onboarding/Modules/3-Policy-Management.md#step-3---assign-and-customize-the-mdc-default-policy I have already activated all…
Applying Azure PCI DSS4 regulatory compliance policy for passwords
Hi, I am trying to assign PCI DSS4 Defender for cloud regulatory compliance policy for passwords - Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords- where count is 24 Audit Windows machines that…
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. They are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications throughout multiple…
Setting Defender for Server Pricing Plan per resource + disable MDE auto-provision
I have some questions related to Defender for server and the added ability to set the pricing plans on a resource level as well as outlined here:…
How to get the list of CIS benchmark available for each OS in defender?
Hi Team, We are currently using Defender for Cloud, where we need to understand the SCA capability of Defender for each OS and which CIS benchmarks it covers for each OS. Are we able to get the list of available benchmarks for Windows, Linux and…
Where to find documentation of all available options for the $expand api param of the assessments endpoint
I'm trying to use this api: https://learn.microsoft.com/en-us/rest/api/defenderforcloud/assessments/list?view=rest-defenderforcloud-2020-01-01&tabs=HTTP Even though not documented in the linked page, the $expand param is supported (this is…
Defender Cloud Security Posture Management (CSPM), Billed per resource Hour or Month
How is Defender Cloud Security Posture Management (CSPM) Billed? On the pricing page it shows that it can be billed hourly: Defender Cloud Security Posture Management (CSPM): £0.006/Billable resource/hour. But in the Microsoft Defender for Cloud portal, it…
Azure Arc and Defender for Cloud Automatic Onboarding
Hello, I am currently using GPO to onboard servers to Azure for Arc and then onboard to Defender for Cloud. Is there a way to automate the onboarding process when a new server is added to the environment? And can automation be done to servers outside…
Integrating Defender for Endpoint with Defender for Cloud by server not by Subscription
Please give me a guide on how to integrate Defender for Endpoint and Defender for Cloud by server, not by subscription. Do I need to set "Vulnerability Machine needs to be installed" in policy mdc to integrate with mde? I'm trying to…
How to secure container in container apps using Defender for cloud
Hi, I want to know how can I protect the containers during runtime and scan the images with Defender for containers. Listing down my questions How to configure Defender for Containers for runtime protection. And what action to take post…
The Address you provided is invalid, please provide a valid address and try again!!!
Hi, While I was trying to schedule the SC-200 Exam, I got the error message that the billing address isn't valid. How can I fix this issue? Thanks! Best Regards, Jasmina Jakob
Azure security recommendation different result between classic view and new view
Since new update on Microsoft Azure.portal, in the Microsoft Defender for Cloud | Security posture | View recommendations > you have two options: Recommendations (Preview) Recommendations (classic view ) In a same subscription you can see…
Defender Plans page throwing error "rt is null"
It's been a couple of days I am getting this error in my subscription. Is this a temporary glitch, or ..?
Getting "Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application" error.
Good afternoon: Any time I try to go to security.microsoft.com or compliance.microsoft.com and log in, I'm greeted with a "Selected user account does not exist in tenant 'Microsoft Services' and cannot access the application" error. The same…
Compliance policies not evaluated for every device in Microsoft Intune.
Hi, I've recently been tasked with updating all of our endpoints to have Microsoft Defender for Endpoint. We have upgraded to Business Premium licenses which come with MDE and Intune. I've successfully onboarded 4 devices for testing through MDE, and the…
Recommendation to install Microsoft Defender for Cloud Log Analytics agent on Linux-based Azure Arc-enabled machines appearing never-ending after AWS integration
After integrating my AWS environment, I keep seeing the recommendation to install Microsoft Defender for Cloud Log Analytics agent on Linux-based Azure Arc-enabled machines. It seems to be never-ending. How can I resolve this issue?