187 questions with Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps tags
word.cloud.microsoft, excel.cloud.microsoft. powerpoint.cloud.microsoft bypass Conditional Access App Control Enformment
Have conditional Access policy, which does the following. For an Unmanaged Device (Device not in intune) Allow Access to browser Use Cloud Access App Control Block Downloads This works for the old urls where it routes to ".mcas.ms" to…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
when im trying to sign in to a app why does it 1 refresh my screen or 2 delete it faster than I can blink! pleash help!
i picked random tags but PLEEEEEEEEEEEEEEASE HELP MEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE!
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Defender for Cloud apps
Hello Community , Recently we have been receiving alerts related to defender for cloud apps ,but not sure about the fields that have generated in the alert is sufficient for investigation, For further analysis we have reviewed Azure AAD for the apps For…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Admin quarantine is grayed out in file policies of MDCA
Hello, In the governance actions of file policies, I am seeing that "Put the file in Admin quarantine" is grayed out. I am an E5 holder and have global admin access across defender portal. Usually this should be enabled and allow me to set…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps

OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Defender | Microsoft Defender for Identity
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Restrict “Open in Desktop App” for Unmanaged Devices (SharePoint & OneDrive)
Hello everyone, I’m implementing a company policy that restricts users on unmanaged devices to only open documents (Word, Excel, PowerPoint) via Office for the Web when accessing data on SharePoint Online and OneDrive for Business. The goal is to prevent…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
IN MDCA to configure App connector ServiceNow. Suggest which username & password required & what should be the role assigned to user? What table access is required to provide in ServiceNow for completed successful configuration
Hello Team, To configure app connector ServiceNow to Microsoft defender for cloud. Please suggest which username & password do we need to use. This username & password assign to which role in ServiceNow. Which table needs to add to provide the…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Configuring file policy in Microsoft Cloud App Security
You are configuring a file policy in Microsoft Cloud App Security. You need to configure the policy to apply to all files. Alerts must be sent to every file owner who is affected by the policy. The policy must scan for credit card numbers, and alerts…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Exclude groups or users from unsanctioned apps
Hello guys, is there a way for unsanctioned apps to allow only for a specific groups or users?
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Does the Azure Information Protection add-in Microsoft Defender still exist?
The information and screenshots on the page "Classify and protect sensitive information" (https://learn.microsoft.com/en-us/training/modules/microsoft-cloud-app-security/classify-protect-sensitive-information) seem quite stale. The AIP add-on…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Sentinel/Defender Alerts on Apple iOS Connection to Exchange Online
Many alerts from Microsoft Sentinel/Defender indicate that users are being flagged as compromised. Further investigation reveals that users were accessing Exchange Online from Apple iPhone/macOS devices. The alerts show connections originating from a…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
DLP Policy Not Scanning Inside Compressed Files (Purview)
I'm trying to configure Microsoft Purview to scan inside compressed files (e.g., .zip, .rar) and apply Data Loss Prevention (DLP) policies to prevent sensitive data from being shared via email. However, I'm encountering the following issues: I need to…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Microsoft Security | Microsoft Purview
Al intentar hacer el onboarding de un servidor 2016 arroja el siguiente mensaje: "[Error Id: 15, Error Level: 1] Unable to start Microsoft Defender for Endpoint Service." Necesito ver de solucionarlo
Buenas Tardes Estimados, Al intentar hacer el onboarding de un servidor 2016 arroja el siguiente mensaje: "[Error Id: 15, Error Level: 1] Unable to start Microsoft Defender for Endpoint Service." Necesito ver de solucionarlo
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps

Defender for Exchange online
Hi, I have a fresh Exchange Online tenant with the default domain. I’ve been assigned the task of setting up Exchange Endpoint Protection. I have two questions: What rules or configurations are recommended for Exchange Endpoint Protection? Could you…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Skip value not taken into consideration for Cloud Apps API
Hi Team, I am using POST endpoint for getting all the alerts that are present in defender for cloud apps. In our instance we have roughly around 6600 alerts and if I increase the skip value to 9000, the API is duplicating the records of last page and…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Logic App Workflow Automation Not Triggering for Security Alerts
I have set up a Logic App to trigger workflow automation for security alerts on Microsoft Defender. However, it is not triggering automatically, even after simulating security alerts on the storage account. I can trigger the alerts manually, and I…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Defender Deception Capability Questions
Hello, I've read the documentation on the Deception Capability in Defender and I had some additional questions: Will there be additional documentation for the product once it becomes GA? If you turn off the default rule, will the decoys and lures…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
How to block access to Sign on (O365 Cloud Apps Exchange, SharePoint, Teams) while on Private VPN or anonymous Proxy
I am attempting to setup a Conditional Access policy that will block access to all Microsoft services if the users are utilizing any of the unsanctioned VPN services in Windows Defender Cloud App Catalog. The policies in Defender seem to only create a…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Defender for server Antivirus
Dear All, Please help with below queries : Is EDR and Antivirus capability included in 'Defender for server Plan 1' , if yes, then do we also pay for 'Defender for endpoint' ? I have read somewhere that with 'Defender for Server', integration with…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
Impact when enabling App governance in Microsoft Defender for Cloud Apps
I already have the license Enterprise Mobility + Security E5 and assigned them all to my entire users as can be seen from: https://admin.microsoft.com/Adminportal/Home#/licensedetailpage/b05e124f-c7cc-45a0-a6aa-8cf78c946968 What are the impact and the…
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps

