118 questions with Microsoft Defender for Cloud Apps-related tags
Security Concern Regarding Microsoft 'PC Manager' App
Dear Microsoft Support Team, I am writing to bring to your attention a concerning security issue that has been observed with the recently released Microsoft "PC Manager." Upon conducting thorough testing and analysis, it has come to our…
defender for endpoint settings
Hello! There was a question about the Microsoft Defender Portal settings item in the Defender for Endpoint item. When in Security setting management- enable Use MDE to enforce security configuration settings from Intune. then "Enable…
Defender for Endpoint: How isolate device with high risk automatically?
Hello team, How can I auto-isolate a device that comes with a high-risk score?
![](https://techprofile.blob.core.windows.net/images/HaEJvBhESk2xgN8b4JNOEw.png?8DBE46)
![](https://techprofile.blob.core.windows.net/images/HaEJvBhESk2xgN8b4JNOEw.png?8DBE46)
Microsoft Defender XDR Streaming API
We have an API configured, and it is my understanding that you should be able to tie directly to a sentinel workspace and it should be configured like the image. But none of the options are selected for event hub connections or Storage accounts. For…
Stop downloads on unmanaged devices - conditional access
Hi all, I want to set a block policy on downloads from sharepoint and onedrive for unmanaged devices - personal or not within the tenant.
Quarantine inaccessible: Error message: Failed to load data. Please try again later.
For several weeks, I have been unable to see data in https://security.microsoft.com/quarantinequarantine. This problem started suddenly as I was previously able to access quarantine. Simultaneously, my team started receiving emails affixed with the…
MDCA(MCAS) API - Get list of sanctioned/unsanctioned apps with app name included
Hi All, I am looking at automating a task that we are currently performing manually for a client. We utilise MDCA and the client receives an extract from the MDCA portal showing all sanctioned/unsanctioned apps for the past 30 days. We want to automate…
Outlook Sending Error
Hey We received email from our one member but She didn't send that mail to our organization gp. That mail spread all our each of organization members 3 and 4 times. When we ask to her, she didn't know the outlook before that happen and her position don't…
How to get Audit logs of Microsoft defender for endpoint using Rest APIs.
How to get Audit logs of Microsoft defender for endpoint using Rest APIs with start time & end time along with pagination
Trivy-operator vs Microsoft Defender for AKS (Azure Managed Kubernetes)
Hello all, I am mike. We are currently working on a solution to have an active tool that helps us to check any misconfigurations, scans images for the containers. We found Trivy-operator as one of the solution becuase of it ease of use and capability…
![](https://techprofile.blob.core.windows.net/images/ZuCGjNGWaEiWnbswF6AtpA.png?8DA64C)
About Authenticator app
I had to change my instagram password and during login I can't find instagram on authenticator app. Kindly help
How to export payload domains and sender addresses from Attack simulation portal from M365 security defender? Is there way to get all those domains and sender addresses so that we can use for attack simulations based on our choice?
How to export payload domains and sender addresses from Attack simulation portal from M365 security defender? Is there way to get all those domains and sender addresses so that we can use for attack simulations based on our choice and know that its the…
Defender for Endpoint blocking reddit
I added Reddit.com to my whitelist and can sort of go to Reddit. Windows notification is listing a couple sites it says it can't get to. Is there a way to setup one rule that will cover all sub-domains and such like doing reddit.com/* or such (which…
Defender for Endpoint bios in the wrong place
BIOS update information should flow under Weakness node, but I still have them in Recommendations. Is this by disign like this? Empty: Reference:…
![](https://techprofile.blob.core.windows.net/images/iyN8gQFAAwAAAAAAAAAAAA.png?8DC6DB)
Using KQL in Microsoft Defender to Query files on user computers
Hello, can anyone help me with querying all computers (Windows 10 and 11) in our organization to find the location of files with a specific extension *.ref using KQL in Advanced Hunting? Is it possible to base this query on the Organizational Unit (OU)…
Anomalous Token alert of Defender
Hi all, We used to receive an Anomalous token alert on Defender, and it stopped all of a sudden. Unable to see any policy associated with it. Please help to figure it out.
![](https://techprofile.blob.core.windows.net/images/PT7QlfEdr0qdUKsDf1u5tw.png?8D801B)
WebDAV accessed files have error opening
we have a nextcloud server, self-hosted and when we go to open a microsoft document on the webdav networked drive it gets : "Microsoft Office has blocked access to "https:XYZ..." because the source uses a sign-in method that may be…
files are not scanned that uploaded on teams connected site
files are not scanned that uploaded on teams connected site
API Advanced Hunting IdentityLogonEvents error
Hi everyone, I'm trying to get the Identitylogonevents result from the API, and I get a forbidden error message, I gave all rights, read all Microsoft documentation and article I found nothing. i have test all this API : #$url =…
![](https://techprofile.blob.core.windows.net/images/Xvq8boETt0uY5Losc9Q8Cw.png?8D8876)
Windows Defender MpCmdRun.exe Custom Scan Automation Job Failing intermittently in Production Environment using TeamCity Tool
Hello Microsoft Community, We are currently facing an issue with our TeamCity build automation, specifically related to the custom virus scan using the MpCmdRun.exe command-line utility. Our setup involves executing the command: MpCmdRun.exe -Scan…