Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
210 questions
210 questions with Microsoft Defender for Identity-related tags
0 answers
the privacy protection on microsoft defender on my windows 11 laptop will not stay on. The vpn will not conncect
I try to turn on the identity protection and it doesn't work. I go into settings and the vpn isn't connected. I try to connect it and it fails. I am instructed to wait a few minutes and try again. I have also repaired and reset the app and the…
asked 2024-10-19T09:40:58.5133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 28.999999999999996%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECZ%3C/text%3E%3C/svg%3E)
Coral Zook
0
Reputation points
asked 2024-10-19T09:40:58.5133333+00:00
Coral Zook
0
Reputation points
1 answer
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veam as their is malware in file
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veaam as their is malware in file how we can make them whit list as these are legitimate files as…
asked 2024-09-03T13:05:00.0733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 89%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMZ%3C/text%3E%3C/svg%3E)
Muhammad Zeeshan
100
Reputation points
answered 2024-10-17T11:43:43.6+00:00
Gautam
0
Reputation points Microsoft Employee
1 answer
Permissions and roles
for a user I need the role and permissions so I can read, edit, and create email threat policies for spam and phishing. are the only roles for this higher privileged ones? is there a way to adjust those permissions to lower reach?
asked 2024-10-08T20:56:48.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 78%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Son man
0
Reputation points
commented 2024-10-17T09:46:28.89+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 35%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EXQ%3C/text%3E%3C/svg%3E)
Xintao Qiao-MSFT
3,450
Reputation points Microsoft Vendor
1 answer
One of the answers was accepted by the question author.
Question about device and security management in multi-tenant (sub-tenant) configuration
My company is growing and has created several LLCs for various product lines. The business intent is to spin off these companies into subsidiaries. It remains to be seen if they will be a "wholly owned" or "affiliate" type…
asked 2024-10-09T15:04:23.94+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 96%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Shawn Goodwin
176
Reputation points
edited the question 2024-10-15T01:14:28.2466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 82%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELZ%3C/text%3E%3C/svg%3E)
Ling Zhou_MSFT
17,705
Reputation points Microsoft Vendor
1 answer
What permission do I need to access Microsoft Defender - Incidents?
I'm currently accessing a incident on our environment but I can't access it. It gives my this error message. "You can’t access this section. Sorry, you can’t access this section. Check with your administrator for the role-based access permissions…
asked 2024-03-12T13:12:45.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 59%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
GeneR
0
Reputation points
commented 2024-10-14T18:33:17.5266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 92%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)
Sarah Pierce
0
Reputation points
0 answers
MS Defender - How to manage Tenant Allow/Block Lists with graph api
Hi, I'm trying to create an integration to block certain URLs on Microsoft Defender with the Graph API. After looking into the documentation, I found this endpoint:…
asked 2024-07-10T08:21:08.0666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 63%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EOD%3C/text%3E%3C/svg%3E)
Omer Dital
10
Reputation points
commented 2024-10-14T18:32:58.2133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(294.40000000000003, 20%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nicolas Mourad
0
Reputation points
1 answer
Where did the Phish delivered due to ETR override default alert go?
Hello Please i need your help on this issue. I noticed that the Phish delivered due to ETR override default alert go inside Microsoft defender? How can i create a default Phis delivered due to ETR Override
asked 2024-10-08T16:22:11.7266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 76%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI8%3C/text%3E%3C/svg%3E)
IniobongNkanga-8038
656
Reputation points
commented 2024-10-12T18:59:38.05+00:00
IniobongNkanga-8038
656
Reputation points
0 answers
Attack Simulation Training - Training Issue
Hi there, Re: Attack Simulation Training in Microsoft Defender We have deployed phishing campaigns and some users have been compromised. Some of these users are reporting that they have completed the training modules they've been assigned in this…
asked 2024-10-02T12:41:09.7066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 28.999999999999996%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPS%3C/text%3E%3C/svg%3E)
PARR Shaun
30
Reputation points
commented 2024-10-10T03:11:59.9533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
32,751
Reputation points Microsoft Employee
0 answers
Microsoft Defender not reacting on suspisious URL
Hello, I have encountered a rather unpleasant situation with Microsoft Defender. We have received an incident regarding Connection to adversary-in-the-middle (AiTM) phishing site on one endpoint. The User involved has confirmed, that he had accidentally…
asked 2024-10-09T15:18:05.7766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 70%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWR%3C/text%3E%3C/svg%3E)
Wojciech Rozanski
65
Reputation points
asked 2024-10-09T15:18:05.7766667+00:00
Wojciech Rozanski
65
Reputation points
1 answer
Role & Permissions
What are the correct roles or permissions to let a user read and edit the email threat policies in Microsoft defender portal? From what I can find it would be Security Administrator. Is there a way to lower this role so it is not as privileged, if no…
asked 2024-10-08T20:50:58.76+00:00
Son man
0
Reputation points
answered 2024-10-09T06:45:52.9766667+00:00
Vasil Michev
106.6K
Reputation points MVP
2 answers
Audit and monitor removable devices from intune
Hello Team, I'm configuring an ASR rule to audit removable devices as the following: I need to know how to get these audits, I didn't find anything related to this policy in the surface attack reduction reports. Thanks, Alaa ELrayes
asked 2024-09-24T08:07:27.9733333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 98%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAE%3C/text%3E%3C/svg%3E)
A.Elrayes
186
Reputation points
commented 2024-10-08T06:08:11.62+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
ZhoumingDuan-MSFT
13,245
Reputation points Microsoft Vendor
0 answers
Actions Required After Verifying False Positives in Windows Defender
A customer support inquiry was received regarding our game executable (.exe) being detected as Trojan/Wacatac.B!ml. Several posts on our game site’s community have reported similar issues. The file in question is a program built and distributed by our…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 73%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
1 answer
Is it wise to have three separate Azure tenants for Test, Prod, and Pre-Prod + Domain name security concern?
Hello everyone, Our IT department is pushing to set up three separate Azure tenants for Test, Production (Prod), and Pre-Prod environments. I’d like to get your thoughts on whether this is truly necessary, especially considering security, management…
asked 2024-10-03T17:56:39.0266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 42%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIH%3C/text%3E%3C/svg%3E)
Ilman Hamzatov
0
Reputation points
answered 2024-10-07T18:02:36.9833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Goutam Pratti
95
Reputation points Microsoft Vendor
0 answers
Unique identity
Unique identity Hi there. I got someone who was trying to log into my Facebook the other day. Would you be able to see who the ID belongs to ?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 50%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAN%3C/text%3E%3C/svg%3E)
10 answers
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
asked 2023-09-22T20:14:57.2433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 84%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
Jeff Thorne
45
Reputation points
answered 2024-10-03T11:34:05.5833333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 1%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
Stephen Holder
0
Reputation points
0 answers
gMSA Error - Defender for Identity
Hi All, Please advice We are trying to use gMSA account instead of service account. When we change from normal account to gMSA account, the sensor stops working and i get below error. We checked firewall ports, followed below document and restarted the…
asked 2024-10-02T12:10:10.46+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 15%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKP%3C/text%3E%3C/svg%3E)
karthik palani
1,036
Reputation points
edited the question 2024-10-02T12:11:35.9466667+00:00
karthik palani
1,036
Reputation points
0 answers
Defender for Identity - gMSA error
Hi All, Need your kind advice We are trying to configure Defender for Identity using gMSA account since its currently configured using service account and sensor working fine. When we change to gMSA, the sensor connection fails and get below error. All…
asked 2024-10-02T11:58:58.2733333+00:00
karthik palani
1,036
Reputation points
asked 2024-10-02T11:58:58.2733333+00:00
karthik palani
1,036
Reputation points
3 answers
Security Recommendations for LAPS are outdated
These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually…
Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,427 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,133 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
210 questions
asked 2023-06-28T10:54:09.08+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(307.2, 66%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
ADM-Griffin2, Jay
151
Reputation points
answered 2024-10-01T10:02:29.06+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 25%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
Michele Ariis
5
Reputation points
4 answers
Fake Copy/Paste (copy text - paste example TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH)
I use exclusively MS products on different servers at the same time. But for more than a year now I have been suffering from a problem with copying text. The problem is that after copying the text, the following TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH…
Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,768 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,573 questions
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
3,936 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,843 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
210 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 88%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVP%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 81%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYR%3C/text%3E%3C/svg%3E)
1 answer
MDATP for MacOS doesnt fetch DeviceAAD ID info from Mac endpoints
Hello, Could you please help us to identify what caused the problem? We have a problem with MDATP fetching DeviceAADID for MacOS devices. I don't see such information from onboarded devices in Security Microsoft Portal. It doesn’t connected with macOS…
asked 2024-09-25T17:30:35.71+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 49%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EW%3C/text%3E%3C/svg%3E)
WIndows_around_you
0
Reputation points
answered 2024-09-27T01:52:27.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Crystal-MSFT
48,931
Reputation points Microsoft Vendor