1,411 questions with Microsoft Defender for Cloud-related tags
Problems with Microsoft Defender for Cloud identity recommendations V2
The new set of identity-related recommendations went GA on 2023-05-01: https://github.com/MicrosoftDocs/azure-docs/commit/aba0c46fdabe84065951c96a7df75333a0493cac#diff-dbd404e58cedaa40736d88385d006caf82189af9cac95af849538aab5c5b57d8L70-L78 As a result…
Microsoft XDR (Defender) - How to export - Advanced Hunting - Custom Detection Rules
Hello everyone, Our team is trying to export the Custom Detection Rules. We have more than 50 rules, so we need an automated process that allows us to export and import the rules. Currently, we see that the API function that allows this is still in beta:…
Defender cloud for SQL
Hello, when I navigate to defender cloud I got this warning. Anyone know if this process will have downtime for the SQL? Also, is there any extra cost?
Failed to save server plans for this subscription
We have purchased defender for plan2, we can save all the settings without File Integrity and Monitoring settings.
Agent is in deprecation path
Hello, I just realized there are warnings on the Defender for Cloud with message. Is manual action needed from the Azure customer, or will this be done automatically?
Microsoft Defender Variant
Hello, When we install Windows Server or a Windows workstation, Windows Defender is included and this is free of cost. Also, when we have an Office365 subscription there is Windows Defender also, and this is a paid version. So what is the difference between free…
I want to fetch regulatory compliance data from Microsoft Defender for Cloud via API in Postman, is there any way to do this?
I see this API on the Microsoft Learn platform but I am not able to replicate the same in Postman, I am not sure what type of permission I need to give my application in order for me to fetch regulatory compliance data just the same as shown below but via…
Attack Simulation Training False Flagging
Hello, I created an attack simulation with a drive-by URL for my end users and it somehow falsely flagged over half of the users as compromised when I can confirm that they did not click on the URL. I can confirm this because I was one of the users that…
Attack Simulation Training - Training Issue
Hi there, Re: Attack Simulation Training in Microsoft Defender We have deployed phishing campaigns and some users have been compromised. Some of these users are reporting that they have completed the training modules they've been assigned in this…
Defender for Cloud Apps access policy does not send notifications
We have configured an access policy in Defender for Cloud Apps, and have enabled email notifications for it. The access policy blocks access in certain scenarios. I did a test to trigger an event that matches the policy and the access was…
Defender for DNS covered under Defender for Server plan 2?
Defender for DNS now shows "deprecated" and asks if you would want to switch to Defender for Servers plan 2. The documentation related to Defender for DNS shows this update: As of August 1 2023, customers with an existing subscription to…
OpenSSL vulnerabilities in Defender for latest version Microsoft Products
My org has several OpenSSL vulnerabilities for OneDrive and Azure Disk Encryption. The CVEs are CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, and Defender was said to fix inaccuracies with these last month (Sept. 2024).…
Unable to compare the difference of current and new upgrade in Defender plan for storage
Current plan price in terms of the transactions count but present plan price in terms of the storage accounts count. I didn't understand the difference between the current and new plan prices, features. Suppose after upgrading to new plan for the Microsoft…
Enterprise Microsoft Defender Exclusion Files and Folder Path Audit Activity
Hi Community Members, Does anyone know where would be the events to locate for Defender files and folder paths and file exclusions performed by Admins? It's an enterprise Defender solution and not home. Many Thanks.
How much time to reflect the results in Defender for Cloud recommendations - Azure Portal?
How much time does it take for "Defender for Cloud (CSPM)" to reflect the results in Security Section of the Azure Subscription after fixing the Security Recommendations? Do we have any documentation on this?
Microsoft Defender for Endpoint not Onboarding
Hello, My team is having trouble onboarding Microsoft Defender for Endpoint because the Advanced Threat Protection Service won't start. It looks like the SENSE service is also not starting and is stuck in START_PENDING. I tried rebooting the device and…
Vulnerability Assessment and Penetration Test Report.
Hi Experts, One of our clients is requesting a VAPT (Vulnerability Assessment and Penetration Testing) report from the cloud provider. Is it possible to obtain such a report from Microsoft, particularly after addressing any vulnerabilities? We are using…
Incidents in Microsoft Sentinel Auto-Closing Without Automation Rules
I'm currently using Microsoft Sentinel and noticing that some incidents are automatically closing themselves, sometimes with the reason "resolved at source" or no comment at all. I've checked for any automation rules or playbooks that might be…
Defender for Servers or containers covers VMs on Containers?
We have a scenario wherein we are to have AKS clusters with containers. We would be running VMs on these containers. We wanted to understand if Defender for servers or Defender for containers or MDE covers these VMs from security standpoint at OS level,…
Identity Secure Score Regression without making any changes
Hello, Our Identity Secure Score in Entra ID has dropped from 79.98% to 50.36% without any changes made on our part. Using Microsoft Defender, we can view the Microsoft Secure Score, which is different from the Entra Identity Secure Score. However, we…