1,411 questions with Microsoft Defender for Cloud-related tags

Sort by: Updated
0 answers

Problems with Microsoft Defender for Cloud identity recommendations V2

The new set of identity related recommendations when GA on 2023-05-01: https://github.com/MicrosoftDocs/azure-docs/commit/aba0c46fdabe84065951c96a7df75333a0493cac#diff-dbd404e58cedaa40736d88385d006caf82189af9cac95af849538aab5c5b57d8L70-L78 As a result…

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
916 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2023-05-22T19:55:57+00:00
Janne Kujanpää 241 Reputation points
commented 2024-11-07T18:14:55.48+00:00
Alexandre Ribeiro do Nascimento 16 Reputation points
0 answers

Microsoft XDR (Defender) - How to export - Advanced Hunting - Custom Detection Rules

Hello everyone, Our team is trying to export the Custom Detection Rules. We have more than 50 rules, so we need an automated process that allows us to export and import the rules. Currently, we see that the API function that allows this is still in beta:…

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,264 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,927 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,851 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
47 questions
asked 2024-11-07T15:08:58.0766667+00:00
viri4to 0 Reputation points
1 answer

Defender cloud for SQL

Hello, when i navigate to defender cloud i got this warning. Anyone know if this process will have downtime for the SQL? Also is there any extra cost?

Azure SQL Database
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-07T07:21:09.8333333+00:00
Handian Sudianto 5,161 Reputation points
commented 2024-11-07T11:14:23.79+00:00
NIKHILA NETHIKUNTA 3,105 Reputation points Microsoft Vendor
0 answers

Failed to save server plans for this subscription

We have parched defender for plan2, we can save all the settings without File Integrity and Monitoring settings.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-07T11:12:37.07+00:00
Noyon Chandra Das 311 Reputation points
1 answer

Agent is in deprecation path

Hello, I just realized there are waning on the defender for cloud with message Is need manual action from azure customer or this will be done automatically?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-07T07:15:23.2466667+00:00
Handian Sudianto 5,161 Reputation points
edited a comment 2024-11-07T10:14:28.8766667+00:00
Givary-MSFT 33,081 Reputation points Microsoft Employee
0 answers

Microsoft Defender Variant

Hello, When we installing windows server or windows workstation, the windows defender is included and this is free of cost. Also when we have office365 subscription there are windows defender also and this is paid version. So what different between free…

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,712 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,221 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-07T00:56:34.7433333+00:00
Handian Sudianto 5,161 Reputation points
1 answer

I want to fetch regulatory compliance data from microsoft defender for cloud via API in postman, is there any way to do this ?

I see this api on microsoft learn platform but I am not able to replicate the same in postman, I am not sure what type of permission i need to give my application in order for me to fetch regulatory compliance data just same as shown below but via…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
47 questions
asked 2024-11-06T09:28:30.1666667+00:00
Milan Pandya 0 Reputation points
edited an answer 2024-11-06T21:57:19.4533333+00:00
James Hamil 25,236 Reputation points Microsoft Employee
0 answers

Attack Simulation Training False Flagging

Hello, I created an attack simulation with a drive-by URL for my end users and it somehow falsely flagged over half of the users as compromised when I can confirm that they did not click on the URL. I can confirm this because I was one of the users that…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-10-11T18:24:01.37+00:00
Sheila 21 Reputation points
commented 2024-11-06T20:17:48.6533333+00:00
Sheila 21 Reputation points
0 answers

Attack Simulation Training - Training Issue

Hi there, Re: Attack Simulation Training in Microsoft Defender We have deployed phishing campaigns and some users have been compromised. Some of these users are reporting that they have completed the training modules they've been assigned in this…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
210 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
149 questions
asked 2024-10-02T12:41:09.7066667+00:00
PARR Shaun 35 Reputation points
commented 2024-11-06T20:16:58.5033333+00:00
Sheila 21 Reputation points
2 answers

Defender for Cloud Apps access policy does not send notifications

We have configured an access policy in Defender for Cloud Apps, and have enabled email notifications for it. The access policy blocks access in certain scenarios. I did a test to trigger an event that matches the policy and the access was…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2022-12-05T16:18:47.993+00:00
E. Deventer 1 Reputation point
answered 2024-11-06T18:39:21.74+00:00
Monika Gangurde 0 Reputation points
1 answer One of the answers was accepted by the question author.

Defender for DNS covered under Defender for Server plan 2?

Defender for DNS now shows "deprecated" and ask if you would want to switch to Defender for Servers plan 2. The documentation related to Defender for DNS shows this update: As of August 1 2023, customers with an existing subscription to…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-06T00:32:54.99+00:00
Rakesh Singh 250 Reputation points
accepted 2024-11-06T17:03:40.76+00:00
Rakesh Singh 250 Reputation points
0 answers

OpenSSL vulnerabilities in Defender for latest version Microsoft Products

My org has several OpenSSL vulnerabilities for OneDrive and Azure Disk Encryption. The CVEs are CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, and Defender was said to fix inaccuracies with these last month (Sept. 2024).…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-10-15T20:07:36.4466667+00:00
Zach Hyman 30 Reputation points
commented 2024-11-06T12:13:02.66+00:00
Lazarov, Stefan 0 Reputation points
2 answers One of the answers was accepted by the question author.

Unable to compare the difference of current and new upgrade in Defender plan for storage

Current plan price in terms of the transactions count but present plan price in terms of the storage accounts count. I didn't understand difference between the current and new plan prices, features. Suppose after upgrading to new plan for the Microsoft…

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,220 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-11-06T05:52:07.9433333+00:00
Rajoli Hari Krishna 556 Reputation points
answered 2024-11-06T08:46:52.7733333+00:00
Sumarigo-MSFT 47,021 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Enterprise Microsoft Defender Exclusion Files and Folder Path Audit Activity

Hi Community Members, Does anyone know where would be the events to locate for Defender files and folder paths and file exclusions performed by Admins? Its an enterprise Defender solution and not home. Many Thanks.

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-10-31T11:02:01.5333333+00:00
joomla3597 55 Reputation points
accepted 2024-11-06T07:13:09.8933333+00:00
joomla3597 55 Reputation points
1 answer One of the answers was accepted by the question author.

How much time to reflect the results in Defender for Cloud recommendations - Azure Portal?

How much time takes for "Defender for Cloud (CSPM)" to reflect the results in Security Section of the Azure Subscription after fixing the Security Recommendations. Do we have any documentation on this?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
149 questions
asked 2024-11-05T16:53:03.6633333+00:00
Rajoli Hari Krishna 556 Reputation points
accepted 2024-11-06T04:15:20.59+00:00
Rajoli Hari Krishna 556 Reputation points
1 answer

Microsoft Defender for Endpoint not Onboarding

Hello, My team is having trouble onboarding Microsoft Defender for Endpoint because the Advanced Threat Protection Service won't start. It looks like the SENSE service is also not starting and is stuck in START_PENDING. I tried rebooting the device and…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-10-30T16:38:23.8766667+00:00
Trent Nolin 0 Reputation points
answered 2024-11-05T12:30:37.7066667+00:00
Pauline Mbabu 480 Reputation points Microsoft Employee
1 answer

Vulnerability Assessment and Penetration Test Report.

Hi Experts, One of our client is requesting a VAPT (Vulnerability Assessment and Penetration Testing) report from the cloud provider. Is it possible to obtain such a report from Microsoft, particularly after addressing any vulnerabilities? We are using…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
asked 2024-10-28T07:07:05.5133333+00:00
Veera 260 Reputation points
commented 2024-11-05T06:40:23.36+00:00
Givary-MSFT 33,081 Reputation points Microsoft Employee
1 answer One of the answers was accepted by the question author.

Incidents in Microsoft Sentinel Auto-Closing Without Automation Rules

I'm currently using Microsoft Sentinel and noticing that some incidents are automatically closing themselves, sometimes with the reason "resolved at source" or no comment at all. I've checked for any automation rules or playbooks that might be…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,157 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,093 questions
asked 2024-10-17T14:15:27.48+00:00
Hyago Santana Mariano 20 Reputation points
accepted 2024-11-04T19:55:29.14+00:00
Hyago Santana Mariano 20 Reputation points
1 answer One of the answers was accepted by the question author.

Defender for Servers or containers covers VMs on Containers?

We have a scenario wherein we are to have AKS clusters with containers. We would be running VMs on these containers. We wanted to understand if Defender for servers or Defender for containers or MDE covers these VMs from security standpoint at OS level,…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint Training
Microsoft Defender for Endpoint: A Microsoft unified security platform for preventative protection, postbreach detection, and automated investigation and response. Previously known as Microsoft Defender Advanced Threat Protection.Training: Instruction to develop new skills.
47 questions
asked 2024-11-04T16:38:05.95+00:00
Rakesh Singh 250 Reputation points
accepted 2024-11-04T17:22:51.54+00:00
Rakesh Singh 250 Reputation points
1 answer One of the answers was accepted by the question author.

Identity Secure Score Regression without making any changes

Hello, Our Identity Secure Score in Entra ID has dropped from 79.98% to 50.36% without any changes made on our part. Using Microsoft Defender, we can view the Microsoft Secure Score, which is different from the Entra Identity Secure Score. However, we…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,411 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,093 questions
asked 2024-10-18T12:46:11.64+00:00
LM-5132 100 Reputation points
accepted 2024-11-04T15:58:13.3233333+00:00
LM-5132 100 Reputation points