175 questions with Microsoft Defender for Identity-related tags
WDAC policy and Powershell constrained language mode
Hello, if I understood these articles (1 , 2, 3) correctly, when WDAC is enabled, the Powershell session starts in constrained language mode. Please tell me how to allow users to run powershell in Full Language mode without disabling option 11…
Security recommendations in Microsoft Defender Portal
Hi I have many VA that need to be remediate but first i want to test on single device after that i want to float on all but how is that possible But when i click on request Remediation it open another page where i run on all
How to get Risk Level and Top Entities from Microsoft Defender Portal using Powershell
Hello, I'm having trouble using Powershell to obtain data for the Cloud Discovery Dashboard from the Microsoft Defender Portal. Is it possible for me to obtain data from PowerShell that precisely matches the provided image? I really need to get all the…
Differences between Microsoft Defender XDR and Sentinel
I wonder differences between Microsoft Defender XDR and Sentinel I understand that Microsoft Defender XDR consolidates security alerts (including Cloud Defender, Identity Defender, Endpoint Defender, etc.). While Sentinel can use various connectors…
Defender Intrusion Prevention
Hi Team, As per the latest announce about Intune, Intrusion Prevention feature is deprecated. What is the equivalent feature doing the same behavior ? Thanks, Alaa Elrayes
Cannot connect to compliance Powershell.
Cannot connect to compliance Powershell. I am getting below error when running Connect-IPPSSession . WARNING: Your connection has been redirected to the following URI:…
Update Microsoft Windows 10 (OS and built-in applications) Remediation required
Update Windows 10 to a later version to mitigate 1257 known vulnerabilities affecting your devices. This security recommendation takes into account the following built-in applications: Microsoft Edge, Internet Explorer. I want to remediate this but i…
Authenticator and Outlook have non Microsoft licenses and many of them that are adding extra scripts and layers.
When reviewing my licenses in my Microsoft Outlook Application, I have found licenses for applications that are validating software that gives backdoor intrusion access while I'm setting up new Authenticator Connections. There are also data compiling…
About sign-in and risky user report notification
I am supposed to have the risky user and sign-in risk report as the user alert is enable by default But even though having High risk sign-in I didnot get any notification at all There are more than 10 GA and confirm that there was not any…
User and group membership reconnaissance (SAMR)
Hello, We have received "User and group membership reconnaissance (SAMR)" from defender. I only see the enumeration events no commands, process etc. related. I was wondering how to find root cause for these queries from the user machine. There…
Which tool or service is responsible for vulnerability scanner in M365 defender suite for Endpoints, Identify, Apps, Office 365 and Data and how it works?
Which tool or service is responsible for vulnerability scanner in M365 defender suite for Endpoints, Identify, Apps, Office 365 and Data and how it works?
Need to create Conditional Access Policy for Certificate Based authentication
Hello All, I am attempting to establish a Conditional Access Policy for users using Certificate Based Authentication. I want to enable Certificate Based Authentication(Passwordless) for users accessing specific applications from outside the company…
How to allow a url in office365
Hi All One of the forms url got flagged by Microsoft for phishing, let the say the url is https://forms.office.com/pages/xxxxxxxxxxxxxxxxxxxxxxxx This url is genuine and it is not a phishing url. How can i allow this url or remove the flag, experts…
Do we need to Defender for Identity if I am using Microsoft Entra ID
Dear Team, Hope you are doing well. We need your support in product selection from Microsoft. I have recently taken up a new position as old person has left the company. we are using Microsoft Entra ID with 500 users and we use office 365. I currently…
Microsoft Defender Device Onboard Local Script Device Limit
Hello, I would like to use the Defender Onboarding Local Script to onboard between 40 & 50 devices that failed to onboard with the Intune deployment method used for mass deployments. It says that this type of deployment method can only be used on a…
![](https://techprofile.blob.core.windows.net/images/7EQ5-HY98kGi4i9V9wyPSg.png?8DAAFF)
Incorporación de defeder endpoint
Buenas tardes. Como puedo corregir este error que da al momento de incorporar un punto de conexion de defender endpoint. [Error Id: 15, Error Level: 1] Unable to start Microsoft Defender for Endpoint Service. Error message: El nombre de servicio no…
Microsoft Exchange and Microsoft Defender Flag My Site as Phishing--What Can I Do?
Hi, For about a month our site (domain removed due to privacy) has apparently been flagged by Microsoft as a phishing site. A Microsoft Defender warning comes up to that effect on Edge (and only Edge) and any email we send that includes our URL is not…
How can we procure the Microsoft Defender Experts for XDR service?
Hi All, I want to explore the Microsoft Defender Experts for XDR Services for Microsoft. How can I procure this service from Microsoft? Please guide.
What are the tools required to work using MXDR?
Hi everyone, I am researching on Microsoft Defender for XDR service. I wanted to understand what other Microsoft tools can be used for Security that are either available or can be integrated with the Security Portal. Thanks.
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
How to fix data connector for MDE (Sentinel)
Can't connect Sentinel to my MDE portal as it says that I do not have the required license but I have got it and have workstation onboarded
![](https://techprofile.blob.core.windows.net/images/ZmCqtj76I02bBVBh5r7-eQ.png?8D81C8)