1,250 questions with Microsoft Defender for Cloud-related tags
I am receiving this notification from the Defender "Insecure SSH private key"
I am receiving this notification from the Defender "Insecure SSH private key" Defender for Servers found a plaintext SSH private key that is part of a pair. It is important to secure the private key to avoid its misuse or leakage. But on the…
'Wacatac' malware was detected (Agentless preview)
Hi Team, on one of the Linux machines, Microsoft Defender for Cloud in Security alerts shows malware. How to remediate it?
Info required for migration of MMA to Windows defender Unified agent.
Please help me to identify the specific process for that Microsoft Defender unified agent is running on the server. Scenario is that there are some servers in the environment running with 2012R2 and 2016. And MMA is running on the servers. As a result,…
Defender 365 admin console - Disabled Connected to a custom indicator & Connected to an unsanctioned blocked app rules
I want to know how I can disable these two following alerts: Disabled Connected to a custom indicator; Connected to an unsanctioned blocked app. I didn't find these alerts on the Alerts Policy of XDR/EPP or Cloud apps. Since all the changed that…
Improving CVE checks in Microsoft Defender for Cloud
What are some ways to enhance and evaluate checks for CVEs in Microsoft Defender for Cloud? Could someone please provide a detailed guide or article on how to accomplish this?
Antivirus Migration from McAfee to Defender for Server
Hi All, I am currently working on a plan to migrate my antivirus for my servers from McAfee to Microsoft Defender for Server. I would like to know if there is a recommended plan on how to go about this? Is there a URL where I can have an estimate…
Defender Vulnerability Remediation Query
I have some Linux Azure VMs for which we have vulnerabilities to be resolved as per the Defender for Cloud vulnerability recommendation. What I want to know is: is there a way to remediate all vulnerability findings through the Azure portal? And 2. We are using…
How to Onboard Windows servers to Microsoft Defender for Endpoint using Defender for Cloud
We have configured Microsoft Defender for Server Plan 1 in our environment. How to onboard Windows servers automatically in Microsoft Defender for Endpoint using Defender for Cloud? Where can we see the device reporting and logs? What are the RBAC…
How can I enable Defender on a particular app service plan?
Hi, I have 7 app plans and they have 7 instances correspondingly. When I go to the app plan there is no option for Defender. When I go to the app service, the Defender option is there but I don't have an option to apply it. At Defender page > Environment Setting > we…
Need suggestion for malware scan for blob in Azure Storage, file size approx. 100GB
We're uploading virtual machine backup files using AzCopy with extension .vmdk, .vdi, etc and size are huge around 100GB and it's a single file to Azure Storage as a blob. We thought to do malware scan once file uploaded. The Defender of Azure Storage…
OpenSSL Vulnerability
Hello, We received a critical alert from Microsoft Defender (CVE-2023-49210) which tells us that 90 of our devices have vulnerabilities due to the version of OpenSSL which is not supported anymore. We don't have any software on these PCs that include…
New teams not in defender for endpoint
Hello everyone, In the company we're currently moving from Teams classic to new Teams. However, I don't see the new Teams in Defender. Is the new Teams not visible in Defender for Endpoint? I can no longer see vulnerabilities and who has the new Teams…
Troubleshooting missing secure score for Microsoft Cloud Defender continuous export
I have 5 subscriptions that are configured for continuous export. However, when I look at the workbooks for secure score over time, only 3 out of the 5 subscriptions are showing the current score. I have checked all the settings, and everything seems to…
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named Ben Smith. You configure a Password protection for contoso.com that includes the following Custom banned passwords
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains a user named Ben Smith. You configure a Password protection for contoso.com that includes the following Custom banned passwords settings: Enforce custom list: Yes …
OpenSSL vulnerabilities showing in Defender Dashboard
We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two DLL files that it is flagging, which are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications throughout multiple…
Defender for container - Pricing question
Hello, I added an AKS-HCI Kubernetes cluster on Azure Arc, and I activated Defender for Containers. I’m not using the Azure registry. It has been 40 days since I integrated this, but I still don’t see any charges for Defender, even though it’s clearly…
Understanding why full and quick scans are out of 7 days
Hi, We have been receiving security recommendations for our virtual machines, and one of the findings states that "Both full and quick scans are out of 7 days": EDR configuration issues should be resolved on virtual machines-> Findings->…
Compliance policies not evaluated for every device in Microsoft Intune.
Hi, I've recently been tasked with updating all of our endpoints to have Microsoft Defender for Endpoint. We have upgraded to Business Premium licenses which come with MDE and Intune. I've successfully onboarded 4 devices for testing through MDE, and the…
How to secure container in container apps using Defender for cloud
Hi, I want to know how I can protect the containers during runtime and scan the images with Defender for Containers. Listing down my questions: How to configure Defender for Containers for runtime protection. And what action to take post…