275 questions
275 questions with Microsoft Security | Microsoft Defender | Microsoft Defender for Identity tags
1 answer
How to find installed software's on servers
from Windows defender portal (security.microsoft.com) can we get report of all installed software's running on servers only not client machines
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-11-14T09:07:16.2933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 89%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMZ%3C/text%3E%3C/svg%3E)
Muhammad Zeeshan
100
Reputation points
answered 2025-01-22T09:21:58.1266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 17%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
K-Mohammed
240
Reputation points Microsoft Employee
1 answer
Alerting when break-glass domain admin account has been used by someone
Hi, I have a break-glass domain admin account in several forests whose DCs have MDI sensors installed. Is it possible to get alert/mail notification when that account has been used by someone leveraging MDI events/logs?
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-08T20:28:49.3066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 33%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBZ%3C/text%3E%3C/svg%3E)
Bojan Zivkovic
611
Reputation points
answered 2025-01-21T06:42:54.9066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Catherine Kyalo
2,090
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Advanced Hunting Query -> Risky sign-ins & Risky users in EntraID?
Hi Everyone, Quick question - how can I query users/sign-ins that are flagged under Risky Activities (Security) in Entra ID within the Microsoft Defender Security portal under Advanced hunting? Essentially what I want to do is when a user is flagged on…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,265 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 10%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
1 answer
One of the answers was accepted by the question author.
Microsoft Defender Email Collaboration
I want to customize quaratine notification. When user recieve malicous mail ( for example it will be phishing link , malicous attachment, spam mail and etc) , it will go quarantine due policies. Quarantine also sends notification to user, as quarantine…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-20T10:46:32.79+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 4%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKG%3C/text%3E%3C/svg%3E)
Kanan Ganiyev
20
Reputation points
commented 2025-01-08T05:25:34.8366667+00:00
Kanan Ganiyev
20
Reputation points
1 answer
One of the answers was accepted by the question author.
Phishing Confidence
We are considering increasing the phishing threshold within Defender for Office Anti-Phishing policies, but we want to get a good understanding of how many emails this will effect when we do. I tried looking at the EmailEvents table within defender to…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Exchange | Other
705 questions
asked 2025-01-02T19:51:13.72+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 31%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGZ%3C/text%3E%3C/svg%3E)
George Zerphey
181
Reputation points
commented 2025-01-07T13:26:17.7633333+00:00
George Zerphey
181
Reputation points
2 answers
One of the answers was accepted by the question author.
Defender XDR - Broswer extension
Hello, We have the all Defender P1/P2 plan, etc. We had in the past few months in the device page the software inventory->Browser extension. Now, we can received the Data from there and would like to know if something change in the platform or if i…
Microsoft Security | Intune | Configuration
2,100 questions
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-03-05T19:16:51.87+00:00
Étienne Fiset
50
Reputation points
commented 2025-01-06T05:25:04.29+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 48%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Subham Thapa
0
Reputation points
1 answer
Troubles Enrolling Server through Microsoft Defender
Hi, I’m working on configuring Hybrid Azure AD Join for our domain-joined devices, and I've already set up Active Directory and Hybrid Azure AD. The next step I’m trying to take is enrolling devices through Microsoft Defender Settings > Endpoints >…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-05T17:12:17.0133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 27%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKF%3C/text%3E%3C/svg%3E)
Kaleb Francoeur
0
Reputation points
answered 2025-01-03T08:00:45.5333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 87%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPI%3C/text%3E%3C/svg%3E)
Prathista Ilango
265
Reputation points Microsoft Employee
1 answer
how to export scan data and xml report of an asset that has been detected for being vulnerable by MS Defender
Hello I am trying to figure out how to generate scan data and XML report of an asset that has been detected for vulnerability for a specific CVE on defender XDR. I am trying to provide this information to the Rapid7 team as the vulnerability report they…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-12T12:51:28.27+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 63%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Saborni Barua
0
Reputation points
answered 2025-01-03T07:59:00.8933333+00:00
Prathista Ilango
265
Reputation points Microsoft Employee
3 answers
Package fails to install for Windows 2016 endpoints in Microsoft Defender for Identity
Problem with enroling Windows 2016 devices in Microsoft Defender for Identity As part of moving from a third party AV to defender (2019 and 2022 work fine). PowerShell Running the installation package fails on 2016 for multiple servers All available…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 49%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
0 answers
Can't access Microsoft Secure Score
I get this error when I try to access the Secure score to make improvements I have tried different browsers, credentials are correct, org customization is enabled
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-17T14:57:49.7+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 36%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JKL
0
Reputation points
edited a comment 2024-12-19T01:18:55.8866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
1 answer
One of the answers was accepted by the question author.
Vulnerability Alert - Virtual Machine contains an Entra browser cookie of the user account
Hi Team, We received a Defender alert recently telling us that there is a Virtual Machine that contains an Entra browser cookie of a user account, providing lateral movement to a Key Vault. This happened after one of our Admin users logged in to Azure…
Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-11-26T02:08:44.8433333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 38%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECH%3C/text%3E%3C/svg%3E)
Carl Hansen
40
Reputation points
accepted 2024-12-19T00:24:14.6833333+00:00
Carl Hansen
40
Reputation points
1 answer
Role & Permissions
What are the correct roles or permissions to let a user read and edit the email threat policies in Microsoft defender portal? From what I can find it would be Security Administrator. Is there a way to lower this role so it is not as privileged, if no…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,265 questions
asked 2024-10-08T20:50:58.76+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 78%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Son man
20
Reputation points
edited the question 2024-12-18T06:00:20.3066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 16%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
1 answer
how to export scan data and xml report of an asset that has been detected for being vulnerable by MS Defender xdr
Hello ☺️ I am trying to figure out how to generate scan data and XML report of an asset that has been detected for vulnerability for a specific CVE on defender XDR. I am trying to provide this information to the Rapid7 team as the vulnerability report…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
asked 2024-12-12T12:45:53.3766667+00:00
Saborni Barua
0
Reputation points
answered 2024-12-16T05:14:21.4133333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
35,626
Reputation points Microsoft Employee
Moderator
0 answers
Training Assignments not showing
I created an attack simulation training and assigned it to my non-admin user account to test the format and functionality. After receiving the email and clicking the link, it redirected me to the training assignments page. However, no assignments were…
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-12-04T10:34:12.05+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 78%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENA%3C/text%3E%3C/svg%3E)
Nick Anderson
0
Reputation points
edited the question 2024-12-11T11:43:36.94+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 19%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
simo-k
11,305
Reputation points
Volunteer Moderator
1 answer
How to export piechart from MS Defender XDR Advanced Hunting?
Hello everyone, I am trying to export query result as a piechart, but there is no such an option. Do I miss something or is impossible? Thanks! Aleksandar
Microsoft 365 and Office | Install, redeem, activate | For business | Windows
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Security | Microsoft Sentinel
1,299 questions
asked 2024-11-12T09:51:02.8+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 1%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAT%3C/text%3E%3C/svg%3E)
Aleksandar Tomov
30
Reputation points
edited the question 2024-12-05T06:07:01.6233333+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
1 answer
One of the answers was accepted by the question author.
The Address you provided is invalid, please provide a valid address and try again!!!
Hi, While I was trying to schedule the SC-200 Exam, I got the error message that the billing address isn't valid. How can I fix this issue. Thanks! Best Regards, Jasmina Jakob
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Security | Microsoft Sentinel
1,299 questions
asked 2024-04-12T19:23:56.8333333+00:00
Anonymous
edited the question 2024-12-04T13:55:23.0733333+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
0 answers
Hunting: why some quiries is not working like user name, InitiatingProcessCommandLine , user Id and a lot of them thee is redline under it while it is correctly connected with intune and avaliable
example and most of my quries is like this
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Security | Intune | Other
5,571 questions
asked 2024-06-25T23:26:27.2666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 18%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Abdelgalil, Mohamed
0
Reputation points
edited the question 2024-12-04T13:49:27.89+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
1 answer
unable to run the Phishing simulation from inside Defender
I am unable to run the Phishing simulation from inside Defender I get the following error: Diagnostic…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
asked 2024-08-26T14:07:57.98+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 14.000000000000002%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Daniel Araneda
0
Reputation points
edited the question 2024-12-04T11:12:32.0433333+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
1 answer
Endpoint Onbroading question
Hi, I have a question about onboarding powershell command. powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference = 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe',…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
asked 2024-07-10T16:48:33.9266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 49%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIS%3C/text%3E%3C/svg%3E)
Irin Sultana
377
Reputation points
edited the question 2024-12-04T11:10:13.96+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator
1 answer
How do I onboard my device into MDE without the MDE service and SENSE service running?
Hi all, I was wondering if someone knew how I can install Defender for Endpoint on my device. I tried installing MDE using the onboarding package (local script for windows 10/11), but it keeps returning this to me: Starting Microsoft Defender for…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
asked 2024-11-19T09:32:50.17+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 78%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG_%3C/text%3E%3C/svg%3E)
Geert _vdb
0
Reputation points
edited the question 2024-12-04T11:08:38.95+00:00
Rakesh Gurram
15,715
Reputation points Microsoft External Staff
Moderator