I have enabled some ASR rules and a particular Security Mitigation log is posting non stop, every 1 minute. Anyone know what this is or what Teams is trying to do? Should I have any concerns? We haven't noticed any issues but I am worried something might pop up in the future.
Hi there,
You don't need to worry about these as Exploit protection automatically applies many exploit mitigation techniques to operating system processes and apps.
Defender for Endpoint provides detailed reporting into events and blocks as part of its alert investigation scenarios.
Protect devices from exploits https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exploit-protection?view=o365-worldwide
You can also use audit mode to evaluate how to exploit protection would affect your organization if it were enabled.
When mitigation is found on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information.
--If the reply is helpful, please Upvote and Accept it as an answer–
28 people are following this question.
