1,251 questions with Microsoft Defender for Cloud-related tags
Get the full list of Defender sub assessments given an assessment?
We have multiple subscriptions with hundreds of different Azure resource types. I would like to work to remediate the assessments and sub assessments found on the sql server, Azure SQL and Azure SQL MI. The portal shows about 2K sub assessments on the…
Blank pages or menu in Microsoft Defender for Cloud
Hi, I have some issues with using Defender for Cloud recently. I am trying to manage my compliance standards to monitor for my subscriptions using the "Regulatory compliance" blade. But as is showing my screenshot, the menu bar is missing. I…
o365 Defender Portal Incident Notifications
I have followed articles online to setup email notifications for incidents in the defender portal for medium and high detections. I noticed a medium incident in the portal which I did not get an email for. I have read articles online of others having the…
nestjs microservices using grpc to azure kubenertes using the LoadBalancer service
Hello, we have deployed a nestjs microservices using grpc to azure kubenertes using the LoadBalancer service method exposing a public IP from azure. The application itself is running and working, but sporadic we are getting the status code 14 unavailable…
How to fully Uninstall/Clean-up Microsoft Defender Endpoint
Hello, We are having issues trying to use a migration tool to move our devices to another Microsoft tenant. It seems to be struggling gaining access and deleting a regkey that is link to a service for MDE. The tool is running and using the system…
How to onboard Defender via userdata scripts?
I am trying to onboard defender to windows servers. By following onboarding steps 1 to 4 in this doco, I was able to onboard defender to windows servers manually. However, we are using userdata powershell scripts for our windows server. I need to put all…
Defender Attack Simulation Training Data Retrival through graph API
I am retireving data from attack simulation training using graph api to devolop Power BI dashboards. How ever when I retriving data from getAttackSimulationTrainingUserCoverage always completionDateTime getting 'null' even trainingStatus = 'completed', I…
This recommendation is applicable only for resources with MDE discovered.
Hi all, In my microsoft defender I am getting the recommendation as "EDR solution should be installed on Virtual Machines", and in the reason I am getting "This recommendation is applicable only for resources with MDE discovered.".…
Can I set an owner on a recommendation in defender for cloud without using governance rules?
We already used governance rules to set owner on severity "high" recommendations in defender for cloud. Now we need to set owners more specific, depending on resource tags. For example we have a recommendation "Windows servers should be…
Custom recommendation I created doesn't get triggered as a recommendation in defender for cloud
I am trying to make custom recommendations work. I created a custom recommendation that looks meta data of a keyvault and checks if PublicNetworkAccess is enabled if so then it finds "iprules" in meta data. If it can see the word…
MS Defender agent uninstalling - Complete #help
Hello Community I have a VM where a 3rd party AV is installed , previously we were using MS defender endpoint but it was giving pain for redhat machines. Problem : I have a win10 VM where i have uninstalled the MDE agent from extension . but…
how can i use o365 Defender to push certain windows hostbased firewall rule on windows servers?
hi how can i use o365 Defender to push certain windows host based firewall rule on a windows servers hosted on azure or managed with Azure Arc? and if defender cannot do it , what are the alternative tools ?
SQL Server: Defender for SQL Server Configuration Issues – Status Not Displayed
I have an SQL Server, and I attempted to configure Defender for SQL Server. However, even after a day, it has not been configured properly, and the menu showing the "Protected" or "Not Protected" status does not appear as expected.…
Endpoint defender
I I have intune license why i cant unable it in order to push the devices on board?
How rollback Microsoft defender plan settings?
Hi, I just accidentally click the 'Upgrade' button and enabled Microsoft defender trail plan for 4 subscriptions while I was logining Azure SQL databases. Can you tell me how can I rollback that? Because need approval before enable that. Thanks. Best…
Security Center Remediate security configurations-Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'
Can some help me remediate this security center "Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE'" I have web server (IIS) installed in my VM , The recommended state for this setting is: LOCAL SERVICE,…
Issue with Defender Recommendations - Linux virtual machines should enable Azure Disk Encryption or EncryptionAtHost.
HI i have 3 virtual machines in azure i have enabled one week back Encryption at host for all machines - Now am seeing - Recommendations - Virtual machines and virtual machine scale sets should have encryption at host enabled is now in healthy…
Ensuring User Reauthentication and Consolidating Functions with XDR
Issue Description: The CloudApp portal, which facilitated user reauthentication, has been removed. As a result, we need to find a new method to prompt users to sign in again for security purposes. Objective: Our goal is to implement a seamless…
Connect Defender for Servers to Log Analytics Workspace
We've enabled Defender for Servers and I'd like to confirm how to connect it to our Log Analytics Workspace. The Microsoft Defender XDR connector is already installed, but do we need to install the Microsoft Defender for Cloud connector for this? The…