1,216 questions with Microsoft Defender for Cloud-related tags
Standard Recommendations with Source "Defender for Cloud"
Recommendations under Compliance Standards (e.g. Azure CSPM (Preview) Standard) are tagged with source field as "Policy" or "Defender for Cloud". whats the difference between recommendations that are sourced from policy vs defender…
Managed identity should be used in web apps
We have a situation with a PAAS application where in Azure Advisor it is asking us to enable Managed identity should be used in web apps and Function APP . Our concern is that if I specifically change this to be Managed indentiese then will it break…
Defender for Cloud based Standards
Recommendations under "Azure CSPM (Preview)" standard are all tagged with source as "Defender for Cloud". What's the difference between recommendation source "defender for cloud" and "policy"? How can I access…
Exception Handling for Defender & Third-Party EDR Conflict
Hello. We are currently operating Microsoft Defender for Cloud (MDC). We aim to comply with one of MDC's recommendations, 'EDR solution should be installed on Virtual Machines.' While Windows machines have Microsoft Defender for Endpoint (MDE) installed…
P1 and P2 Defender Plans are active at the same time and the same Azure Ressource
Hello, We use a standard Microsoft Policy to activate Azure Defender for Servers P1 via tags on our Azure ARC Servers. The policy in question is "Configure Azure Defender for Servers to be enabled ('P1' subplan) for all resources (resource level)…
Regulatory compliance reports not accurately affecting security
I have some regulatory compliance reports still showing unhealthy resources 3 days after the problem as been remediated. Any idea why this could be happening?
Can I create a PowerAutomate flow to offboard devices in Defender for Endpoint?
I would like to create a friendly interface for users to offboard devices in Defender for Endpoint, so they won't have to run this process manually. Is this possible?
ServiceNow integration with Defender for Cloud
What permissions are required in SerivceNow for the ServiceNow integration with Defender for Cloud user? The doc does not seem to indicate what permissions are required for the ServiceNow service account in…
Azure Policy & VM JIT - Do not allow Any as source
I am currently trying to prevent users from requesting Azure JIT VM access coming from the Source IP addresses "Any". According to this thread, https://learn.microsoft.com/en-us/answers/questions/846584/azure-vm-jit-do-not-allow-any-as-source ,…
How to remove pixel.mathtag virus
We have been hit with pixel.mathtag and it is hijacking our browsers but not doing anything other than spreading to all of our devices. It hits about 8 per day, since last Wednesday. It does not collect any data or attack anything it just hijacks the…
Error durin on-upload malware scan activation for storage account
I created Event Grid topic and want to assign it to Microsoft Defender report pipeline. When I enable on-upload scan for my storage account and select my topic, I get Plan enablement partially succeeded. Could not enable on-upload malware scanning:…
Defender for Red Hat Linux
My customer just migrated most of the environment running in Azure. We have bunch of Red Hat Linux servers will be migrated to Azure VMs. We are going to protect our Windows and Linux Environment using Microsoft Defender. However, there were issues…
Visual Studio blocked by MS Defender
Microsoft defender blocked visual studio 2022 ( C#) and I can't enter windows forms, console, etc. Please help.
How to create a overview over all VMs and his CIS compliance status?
Is there any way to generate an overview to see the CIS compliance coverage over all virtual maschines? Me problem is, we need to use CIS Images vor VMs but some applications need the possibility to deactivate some of the CIS rules to work correctly. So…
How to stop ATP clicking links in Phishing simulation emails
I have logged in to Microsoft Defender for O365 and configured the Phishing Simulation tab under Email & collaboration > Policies & rules > Threat policies > Advanced delivery. But something ATP wise is still clicking the links in my…
Microsoft Defender for Cloud
Hello, Please guide me, why microsoft defender for cloud service has taking the charges for every month even though I not using the any of the Azure services. What is procedure to refund the unusage services and how to stop/delete it to avoid the…
How Defender ATP works on IOS ?
Hello everyone, I am currently a student and intern in cybersecurity, and I am curious about how Defender operates on mobile devices, particularly on iOS (after deployed with Intune). I have been trying to find a flow chart that outlines the workings of…
Microsoft Defender for Cloud Storage.. Azure File Shares questions
A vendor recently converted our file server over to Azure File shares and after doing some testing some questions have arose... Does Microsoft Defender for Cloud Storage scan preexisting file shares for malware when implemented after data has already…
shared settings : Number of days until partner is unresponsive
Hello, I hope this message finds you well. I am seeking clarification on the “Shared settings: Number of days until partner is unresponsive” option found under Endpoint Security > Microsoft Defender for Endpoint. Specifically, I would like to…
Integrating Microsoft Sentinel with Microsoft Defender XDR
I am trying to Integrate microsoft sentinel and defender XDR. So here are the steps I have done so far. Log analytics created, Sentinel attached to the workspace enabled the defender connector . after enabling the connector , I have enabled…