1,449 questions with Microsoft Defender for Cloud-related tags
AxiosError: Request failed with status code 400
Hi, When we are trying to raise our secure score we encountered this problem: Something went wrong We have encountered an error loading this page, please try again later: AxiosError: Request failed with status code 400 Can someone explain why its having…
Policy definition "Windows machines should be configured to use secure communication protocols" is being wrongly applied to Windows11 machines.
I have some windows 11 machines and they are being flagged by Microsoft Defender for Cloud saying "Windows machines should be configured to use secure communication protocols". But when I research this issue I found out that Windows 11 has…
Microsoft XDR (Defender) - DeviceEvents - ShellLinkCreateFileEvent
Hi everyone, I've been trying to create a hunting query in the Defender portal to identify when a malicious .lnk file is created. I noticed that an interesting event to detect and analyze this is "DeviceEvents --> ShellLinkCreateFileEvent",…
i want to control and limited the Microsoft Defender action inroder to reduce costs
i have significant costs on Microsoft Defender for Cloud- I would like to reduce that . I want to know how can I reduce my costs , how to limit the Microsoft Defender for Cloud. when i checked the settings of defnder plans i have seen that there shold be…
Defender for Cloud updated CIS Compliance Standard
I would like to ask if the Defender for Cloud product group knows when the updated CIS Azure Foundations Benchmark will become available as a regulatory compliance standard in Defender for Cloud.
Use quarantine notifications
How can I customize the quarantine email template in Microsoft 365 Defender to translate the email body into Azerbaijani without using PowerShell? I want to ensure the subject line, body text, and all relevant sections are user-friendly for…
Mismatch API Version with Azure Resource Graph
I am trying to find the full schema for the microsoft.security/assessments/subassessments. Azure Resource Graph is telling me that the resource is using version 2020-01-01 of the API. There is no corresponding version or release notes of that API. Here…
Security compliance for azure resources
Hi My customer wants me to check security breaches in his Azure tenant. He has one subscription and many resource groups. Many resources are inside the resource group. How to start and what things should I check? For example; if I will start with…
Is it possible to automatically email reports for incomplete Attack Simulator training?
Hey everyone, I’m currently managing security training for my organization and using the Attack Simulator feature in Microsoft 365. I was wondering: Is there a way to automate reports for users who haven’t completed their assigned training and have those…
Defender for Storage plan where it store the logs
When we are enabling Defender for Storage plan or other plan -where its store the logs. we can check the alerts, but to get the alert, defender must be checking some logs, so that logs where it store ? and how to check it ?
Microsoft Defender Email Collaboration
I want to customize quaratine notification. When user recieve malicous mail ( for example it will be phishing link , malicous attachment, spam mail and etc) , it will go quarantine due policies. Quarantine also sends notification to user, as quarantine…
Error message when try to get my secure score
Every time I try to get my secure score the following message appears. I could previously access it and now I can only see the score on the dashboard (which has dropped significantly) from the previous score.
Microsoft Defender For Cloud Not Giving Any Security Alert?
I have enabled MicroSoft Defender for Cloud for my Ubuntu Servers and Azure Mysql Server. I have enabled it a week ago, but it didn't send any security alert. I am wondering if there is any other configuration that i need to do before receiving any…
OpenSSL vulnerabilities in Defender for latest version Microsoft Products
My org has several OpenSSL vulnerabilities for OneDrive and Azure Disk Encryption. The CVEs are CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, and Defender was said to fix inaccuracies with these last month (Sept. 2024).…
Simulation phishing Training - Defender Menu
Hi, We are trying to explore the attack simulation, when a user is compromised and they are enrolled for training, it is noticed that the MS defender Menu (Home, Threat Intelligence - Trials, Exposure Management - Data Connectors, Email Collaboration -…
OpenSSL Vulnerability Shown on Microsoft Defender for Cloud Dashboard - OneDrive affected app
An OpenSSL vulnerability has been flagged on one of our devices by Microsoft Defender for Cloud. The vulnerability has listed two dll files as the main culprits (both installed via OneDrive): libcrypto-3-x64.dll libssl-3-x64.dll The OneDrive version…
how to export scan data and xml report of an asset that has been detected for being vulnerable by MS Defender xdr
Hello ☺️ I am trying to figure out how to generate scan data and XML report of an asset that has been detected for vulnerability for a specific CVE on defender XDR. I am trying to provide this information to the Rapid7 team as the vulnerability report…
Defender for Storage scan single blob...
Hi, We've enabled Defender for Storage Accounts on an account which receives blobs from third-parties. If the blob is marked as safe - we continue onward processing. We're in a scenario where not all uploaded blobs are marked as safe/unsafe by Defender.…
Problems with Microsoft Defender for Cloud identity recommendations V2
The new set of identity related recommendations when GA on 2023-05-01: https://github.com/MicrosoftDocs/azure-docs/commit/aba0c46fdabe84065951c96a7df75333a0493cac#diff-dbd404e58cedaa40736d88385d006caf82189af9cac95af849538aab5c5b57d8L70-L78 As a result…
Does MS Defender provides security features (like vulnerability scanning and Intrusion prevention etc) can be configure for Azure Cloud service (extended support) CS-ES.
Defender documentation shows The vulenerability scan is limited to VM as supported destinations only. Also the Defender inventory list does not shows any CS-ES instances protected by it.