1,250 questions with Microsoft Defender for Cloud-related tags
Defender for Cloud based Standards
Recommendations under "Azure CSPM (Preview)" standard are all tagged with source as "Defender for Cloud". What's the difference between recommendation source "defender for cloud" and "policy"? How can I access…
Regulatory compliance reports not accurately affecting security
I have some regulatory compliance reports still showing unhealthy resources 3 days after the problem as been remediated. Any idea why this could be happening?
Defender for Red Hat Linux
My customer just migrated most of the environment running in Azure. We have bunch of Red Hat Linux servers will be migrated to Azure VMs. We are going to protect our Windows and Linux Environment using Microsoft Defender. However, there were issues…
Visual Studio blocked by MS Defender
Microsoft defender blocked visual studio 2022 ( C#) and I can't enter windows forms, console, etc. Please help.
Microsoft Defender for Cloud
Hello, Please guide me, why microsoft defender for cloud service has taking the charges for every month even though I not using the any of the Azure services. What is procedure to refund the unusage services and how to stop/delete it to avoid the…
How Defender ATP works on IOS ?
Hello everyone, I am currently a student and intern in cybersecurity, and I am curious about how Defender operates on mobile devices, particularly on iOS (after deployed with Intune). I have been trying to find a flow chart that outlines the workings of…
Microsoft Defender for Cloud Storage.. Azure File Shares questions
A vendor recently converted our file server over to Azure File shares and after doing some testing some questions have arose... Does Microsoft Defender for Cloud Storage scan preexisting file shares for malware when implemented after data has already…
shared settings : Number of days until partner is unresponsive
Hello, I hope this message finds you well. I am seeking clarification on the “Shared settings: Number of days until partner is unresponsive” option found under Endpoint Security > Microsoft Defender for Endpoint. Specifically, I would like to…
Integrating Microsoft Sentinel with Microsoft Defender XDR
I am trying to Integrate microsoft sentinel and defender XDR. So here are the steps I have done so far. Log analytics created, Sentinel attached to the workspace enabled the defender connector . after enabling the connector , I have enabled…
Can Defender for Endpoint policies and features on Azure Stack HCI hosts be managed by MDE or SCCM?
I am curious whether MDE or SCCM can be used to manage Defender for Endpoint policies and features on Azure Stack HCI hosts. Also, does Azure Stack support the use of ASR rules via Defender for Endpoint? Will enabling ASR impact the functioning of Azure…
Defender for Endpoint Policies
Hello If a workstation or server is onboarded to defender for endpoint and no security policies have been pushed to the endpoint, what are the default settings or configuration that defender uses? does it stay dormant until policies are pushed? Thanks
Microsoft Vulnerability Manager Security Recommendations - Python
Microsoft Vulnerability Manager Security Recommendations is advising to Update Python as it is currently version 3.7.7.0 however, when installing Python latest version (3.12.30) from https://www.python.org/downloads/ it is still reporting on Microsoft…
Defender I use GPO Can Switch Config policy On Defender Mange by MDE device configuration management ?
Now plan deploy MDE my PC joins local AD which makes it difficult to manage policy through GPO. Is this possible? If I want to use Switch Gpo policy through Device configuration management MDE?
Windows Defender SenseNdr.exe Application Crashing Events
Faulting application name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Faulting module name: SenseNdr.exe, version: 2.3.1.0, time stamp: 0x7484efee Exception code: 0xc0000409 Fault offset: 0x000000000071f9c1 Faulting process id:…
Choosing between Defender for Endpoint and Defender for Server for servers with no internet connectivity
We are planning to migrate from Symantec® Endpoint Security to Microsoft, specifically looking for EDR and XDR features for our On Prem servers that have no connectivity to the internet. Should we use Defender for Endpoint or Defender for Servers? We are…
FIM in defender not showing file changes for newly created file after 3 days also.
Team, I have enabled FIM on one of the Resource Group it has created one default Log Analytics Workspace, DCR rule. We executed a script that will create test file on all VM's in /etc and C:\windows\system32 directory. But those changes are not yet…
What is best way to keep up to date employer's devices?
I'm looking for a solution with minimum administrator effort for keeping up to date on all employer's devices. In the organization, I have about 50 devices that they onboarded to Defender for Cloud's portal. All devices showing on Microsoft Defender…
Is there a way to enable Defender for Servers in Azure by resource group within a subscription?
Working on deploying Defender for Cloud and wanting to enable Defender for Servers in Azure on a subscription but don't want all servers within the subscription to have it enabled just yet. Would prefer to target servers in specific resource groups…
How To Remediate Azure Secure Score Recommendations
Hello, I have this is security recommendation showing in Defender for Cloud, "Azure Machine Learning Computes should have local authentication methods disabled", the remediation steps given is to toggle "Enable SSH access" off. I…
Error when using Advanced Hunting
Hello, I have a customer that is getting the error below when using advanced hunting and is unable to search 'EmailEvents' and would like some insight on it? Issue: When using the Advanced Hunting option, the object 'EmailEvents' returns: "Syntax…