155 questions with Microsoft Defender for Identity-related tags
ERRO REPORTED A PROGRAM AS UNSAFE ONE, CAN'T USE IT RIGHT NOW
Hi. This's HUI. When I want to download a program from my working PC, the IE Edge shows a pop-up MSG "DO YOU WAN TO REPORT IT AS A UNSAFE PROGRAM? " I clicked "Yes", and have chosen the reason that "may contain some unnecessary…
MIcrosoft Defender Exploit Guard is blocking my VS application from running - Access Denied
blocking VS from running
How to Restrict URL / Web filtering for Microsoft 365 business Users
I am trying to restrict users from accessing certain URLs within my Organisation's PC. We have a Microsoft 365 E3 License, so I decided to enroll devices and allow users to sign in with their Microsoft 365 Email. I created a policy in Microsoft Defender…
How to Install and Use Microsoft Defender Features
I think I have tagged this correctly, this is part of the problem. I have bought Microsoft Defender for Business licenses for my client. I am trying to apply the features. I have given one to my admin account in case that is required to set it up. I…
E3 vs E5 from a security perspective: Unified XDR/SIEM
Hi, A customer with E5 wants to downgrade to E3. Currently, he has XDR services (All Defenders) and Sentinel. Will he lose any services during the downgrade process?
Windows Server 2016 Defender Feature - Wonderware - January 2024
... fatto stà che improvvisamente un software utilizzato in ambito automazione , parliamo di Wonderware , non riesce più a connettersi ad altre macchine Wonderware , certo utilizza un suo protocollo di comunicazione , una sua modalità di autenticazione ,…
i accidently disabled my windows defender with third party apps
i was downloading some games from a cracked website and i accidently clicked the disable windows security using a third party app and now i cant open windows security or update my windows 11, is there any solution without resetting my computer pls help
Advanced Hunting API cannot query IndetityInfo table
In Postman, I send POST request to https://api.securitycenter.microsoft.com/api/advancedqueries/run and the payload is as below: { "Query":"IdentityInfo" } I got 400 Bad Request and response is as below: { "error":…
Defender for identity configure windows collection
Hello, Kindly i need to know if is it risky to enable audit permissions for everyone when configuring object auditing? im working on defender for identity global health issues from this article…
Resolving Microsoft Defender for Identity global health issues
I installed the first sensor on my on-premise domain controller and updated the auditing shortly after. I now have a couple of global health issues that I have verified to be correctly implemented. What is the behavior for global health issues, do they…
Blocking and unblocking hardware
For most antivirus programs I have used, if a piece of hardware s blocked, I can find it by searching for the computers name, select it, and say don't block it in that anti-virus profile. Is there a way to do something like that with Endpoint Security…
Identity Protection
Hi All, we have a user risk policy in identity protection, and the controls for that policy state that any users with high risk will need to change their password. However, even if any user has a high risk, it's not prompting them to change their…
Non-Domain connected PC management
Does anyone know if D4ID can pull logs on a non-domain joined windows machine? We have some Sensitive Servers that are not Domain joined but need to be monitored for local login by admins. Is this something that Defender 4 ID can do?
Event Name: WindowsUpdateFailure3 May I ask whether this error will affect the system
Fault bucket , type 0 Event Name: WindowsUpdateFailure3 Response: Not available Cab Id: 0 Problem signature: P1: 10.0.14393.5127 P2: 80072ee2 P3: 00000000-0000-0000-0000-000000000000 P4: Scan P5: 0 P6: 1 P7: 8024500b P8: Windows Defender P9:…
Software incorrectly flagged as false positive
Hi I’m writing this to request assistance with a recent issue we encountered involving Windows Defender. Our software was incorrectly flagged as a false positive. We then quickly uploaded it to false positive submission portal…
I want to edit the defender alert to incorporate username of risky user detected.
I know that you can only have the organization name and URL link in defender identity protection alert. I want to know is there a way to add the username of the risky user as well. This would be helpful as there are multiple tenants that require cross…
The Defender for Identity sensor(s) listed are failing to resolve IP addresses to device names
Good morning, I received this message from Azure alerts The Defender for Identity sensor(s) listed are failing to resolve IP addresses to device names using the configured protocols (4 protocols), with a success rate of less than 10%. This could impact…
Downloading Attack Simulator Training videos
hi, Just wanted to check if it's possible to download the training module videos in attack simulator. Would like to upload it to my company's intranet for users to ad-hoc watch the video or send it to users for viewing. Thanks.
Regarding Microsoft defender
Hi, I am observing one vulnerability related to Microsoft defender in windows server 2016 which is in below path :- %ProgramFiles%\Windows Defender\MpCmdRun.exe Version is 4.10.14393.46 as there is no internet in my server, so i tried to manually push…
WDAC policy and Powershell constrained language mode
Hello, if I understood these articles (1 , 2, 3) correctly, when WDAC is enabled, the Powershell session starts in constrained language mode. Please tell me how to allow users to run powershell in Full Language mode without disabling option 11…