194 questions with Microsoft Defender for Identity-related tags
How to change Microsoft attack simulator Training Language
Hello, I need some help in the ability to change the Microsoft Attack Simulator Video training from the default of English to a foreign language. The chosen video training does support the language but I have been unsuccessful in finding the setting in…
Where to install Defender for Identity Sensor for VPN Integration
We have followed the steps in this document https://learn.microsoft.com/en-us/defender-for-identity/vpn-integration to setup VPN Integration for Defender for Identity. However we don't see the sensor receiving any data. As per the document we have added…
Defender Attack Simulation is sending duplicate training notifications
The attack simulation in defender is sending out the duplicate training notifications, when a user is compromised, immediately after the first. Is there something in the set up that I'm missing?
MS Defender - How to manage Tenant Allow/Block Lists with graph api
Hi, I'm trying to create an integration to block certain URLs on Microsoft Defender with the Graph API. After looking into the documentation, I found this endpoint:…
Microsoft Purview Audit Log - Send Microsoft Defender XDR activities to Sentinel
Hello everyone! I would like to forward the Microsoft Defender XDR activities and Microsoft Defender for Identity activities (https://learn.microsoft.com/en-us/purview/audit-log-activities#microsoft-defender-for-identity-activities) from the Microsoft…
Microsoft Windows Server 2019 - Advanced auditing
Any chance a windows expert could assist with with advanced auditting group policy? it is turned on and shows the correct settings when i run an auditpol but when i do an rsop check, Advanced Auditing is missing under this check. When i perform an MDI…
Fake Copy/Paste (copy text - paste example TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH)
I use exclusively MS products on different servers at the same time. But for more than a year now I have been suffering from a problem with copying text. The problem is that after copying the text, the following TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH…
Issue with Azure Identity Validation - Minimum 3-Year Requirement
We’re currently facing an issue with Azure’s identity validation process for our organization, Toeverything, which is based in Singapore. We’ve submitted the required documents, including: Organization name, address, and contact details Domain…
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…
Defender for Identity - Directory Services Advanced Auditing is not enabled
Hi Everyone, We have followed the following guide from Microsoft in regards to enabling "advanced auditing" for Defender for Identity: https://learn.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection However, we keep…
When a Computer slows down?
Need to know what questions are important to solve a problem of a slow down computer with windows 10
Accessibility of Microsoft Applications
Hi Community, I have been facing an issue with the accessibility settings on my mobile device for some of the microsoft apps like authenticator, defender, link to windows and launcher. When I turn the access on for them after some time it is turned back…
Office 365 Attack Simulator
I want to run an Office 365 attack simulation training phishing test in a Customer. According to the article below, I need either one of these licenses: Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2…
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veam as their is malware in file
How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veaam as their is malware in file how we can make them whit list as these are legitimate files as…
Configure Windows Firewall in Workstation
I need to configure Windows Firewall using Group Policy Managment. How to configure Inbound and Outbound rules
unable to run the Phishing simulation from inside Defender
I am unable to run the Phishing simulation from inside Defender I get the following error: Diagnostic…
Risky Sign-ins in Azure Entra ID and Identity Protection
Hello everyone, I am seeking some technical advice regarding risk sign-ins in Azure Entra ID and Identity Protection. We have an Azure Entra ID setup with a P2 License, and we are experiencing an overwhelming number of high-severity alerts from Identity…
Not allowing to connect Sentinel Data connector with Defender XDR
Hello, I was trying to connect the "Microsoft Defender XDR" connector with "Microsoft Sentinel", but I am facing the below error. I am not sure why Sentinel is not allowing to establish the XDR connector. As I am the Owner of the…
what should i do, allow or click don't allow
what should i do
Microsoft Defender for Identity required licenses and scope?
Before I turn on everything under the Microsoft Defender for Identity from the https://security.microsoft.com/ portal. I wanted to know if I must enable or purchase licenses like Sentinel and Defender ATP or some other licenses I may have missed here.All…