Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,321 questions
1,228 questions with Microsoft Defender for Cloud-related tags
1 answer
IaaSAntimalware and MDE.Windows VM extensions
Are there any benefits to having both the IaaSAntimalware and MDE.Windows extensions installed on an Azure hosted virtual machine or are they just redundant?
Azure Virtual Machines
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,033 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,228 questions
asked 2024-05-31T21:46:06.1866667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 55.00000000000001%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Jonathan Maas
0
Reputation points
commented 2024-06-01T01:07:11.28+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(60.8, 4%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKM%3C/text%3E%3C/svg%3E)
kobulloc-MSFT
24,406
Reputation points Microsoft Employee
0 answers
How to Onboard Windows servers to Microsoft Defender for Endpoint using Defender for Cloud
We have configured Microsoft Defender for Server Plan 1 in our environment. How to Onboard windows server automatically in Microsoft defender for endpoint using Defender for cloud. Where we can see the device reporting and logs. What are the RBAC…
asked 2024-06-01T00:15:53.4+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 53%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Mahavir Saroj
201
Reputation points
asked 2024-06-01T00:15:53.4+00:00
Mahavir Saroj
201
Reputation points
1 answer
What's the exact definition of 'Timegenerated' in an Azure Resource Graph query output for Container Image Vulnerabilities?
When we run a query to find vulnerabilities in Container Images, there's a 'timegenerated' column in the query output. I've tried to find this documented somewhere, but can't, I've only found a document for Azure Monitor. Does this mean it's the last…
asked 2024-05-30T14:45:02.8466667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 20%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
LaBombard, Lory
41
Reputation points
commented 2024-05-31T16:30:54.6166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 82%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
Lory Labombard
0
Reputation points Microsoft Employee
0 answers
How to block SAM, LSA dump through Microsoft Defender for Endpoint
Hello, I am trying to see if the EDR Microsoft Defender for Endpoint or other solutions from Microsoft offer options to block the following hive dump SAM, LSA and optionaly DPAPI. I am aware that suspicious dumps are detected but is there a possibility…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 91%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 76%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
0 answers
Microsoft Defender for Containers in AKS-HCI - pricing questions
Hello, I added a new AKS-HCI kubernetes cluster on premises to arc, and enabled defender for containers and installed the extensions in the cluster. but billing has still been 0 since 1 month. can you explain why. given that it is stated that billing…
asked 2024-05-31T13:09:57.42+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 80%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECH%3C/text%3E%3C/svg%3E)
Chelligue Hamza
0
Reputation points
asked 2024-05-31T13:09:57.42+00:00
Chelligue Hamza
0
Reputation points
1 answer
Azure - Microsoft Defender for Cloud - I can't download security recommendations to a CSV. I could for nearly 90 days straight and can download all others.
Hi, I can't download security recommendations to a csv file from: Microsoft Defender for Cloud | Recommendations from either the: Secure score recommendations or All recommendations tabs in Azure. I was able to do so yesterday and nearly every day since…
asked 2022-05-31T13:57:58.173+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 57.99999999999999%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
John M. Kimball
1
Reputation point
commented 2024-05-31T12:52:55.9+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 10%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMS%3C/text%3E%3C/svg%3E)
Miller, Stephen
0
Reputation points
0 answers
Info required for migration of MMA to Windows defender Unified agent.
Please help me to identify the specific process for that Microsoft Defender unified agent is running on the server. Scenario is that there are some servers in the environment running with 2012R2 and 2016. And MMA is running on the servers. As a result,…
asked 2024-05-31T05:22:12.44+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 30%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFS%3C/text%3E%3C/svg%3E)
Fadikar, Subhadip
0
Reputation points
edited the question 2024-05-31T06:22:23.9566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 2%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
kguntaka
1,090
Reputation points Microsoft Vendor
0 answers
Microsoft defender is alerting for vulnerable version of nuget package in Azure Function's ".azurefunctions/function.deps.json" file"
Hi Champs, I'm facing a typical problem with my function app and MS defender for cloud. Defender is raising issues for my deployed function(written in c#) as: Even after installing latest nuget package, "function.deps.json" file is not…
Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,422 questions
Azure
Azure
A cloud computing platform and infrastructure for building, deploying and managing applications and services through a worldwide network of Microsoft-managed datacenters.
1,033 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,228 questions
asked 2024-05-30T05:26:36.4033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 31%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPD%3C/text%3E%3C/svg%3E)
Pratim Das, Partha C
306
Reputation points
edited the question 2024-05-31T01:04:10.4133333+00:00
Pratim Das, Partha C
306
Reputation points
2 answers
P1 and P2 Defender Plans are active at the same time and the same Azure Ressource
Hello, We use a standard Microsoft Policy to activate Azure Defender for Servers P1 via tags on our Azure ARC Servers. The policy in question is "Configure Azure Defender for Servers to be enabled ('P1' subplan) for all resources (resource level)…
asked 2024-05-14T12:11:39.25+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 67%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3E0%3C/text%3E%3C/svg%3E)
00640061
0
Reputation points
commented 2024-05-30T18:24:38.0033333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
Monalla-MSFT
12,196
Reputation points
1 answer
How to notify security team members of assigned alerts/incidents in Microsoft Defender
Is there a way to send email notifications to someone when we assign an alert or incident specifically to them in Microsoft Defender? We already have email notifications set up for new alerts, but we're wondering if there is a way to notify team members…
asked 2024-05-29T19:10:08.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 56.00000000000001%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFD%3C/text%3E%3C/svg%3E)
Fraley, David
0
Reputation points
answered 2024-05-30T17:59:35.03+00:00
Carlos Solís Salazar
17,106
Reputation points MVP
6 answers
Defender 365 admin console - Disabled Connected to a custom indicator & Connected to a unsanctionned blocked app rules
I want to know how I can disable these two following alerts : Disabled Connected to a custom indicator Connected to an unsanctioned blocked app I didn't find these alerts on the Alerts Policy of XDR/EPP or Cloud apps. Since all the changed that…
asked 2024-03-21T14:28:41.46+00:00
Étienne Fiset
45
Reputation points
answered 2024-05-30T15:10:47.2666667+00:00
Étienne Fiset
45
Reputation points
1 answer
If Defender for Blob doesn't scan a file (no tags) is there anything we can do to force it to look again?
We have a system that scans all files uploaded to blob on upload. However, we've noticed that occassionally some files just never get scanned (i.e. never get the tags against them). In the documents it does say this can happen if the file throughput is…
asked 2024-05-29T14:02:34.32+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 52%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EER%3C/text%3E%3C/svg%3E)
Ed Russell
0
Reputation points
commented 2024-05-30T13:59:47+00:00
Ed Russell
0
Reputation points
0 answers
How to get the impacted asset (user or client) when fetching alerts (v2) from Defender using API?
Hello, I followed this documentation to list alerts from Defender https://learn.microsoft.com/en-us/graph/api/security-list-alerts_v2?view=graph-rest-beta&tabs=http While I am getting the output, it is very different from when I fetch the alerts…
asked 2024-05-30T13:30:38.1333333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 81%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERB%3C/text%3E%3C/svg%3E)
Rawad BASSIL
0
Reputation points
asked 2024-05-30T13:30:38.1333333+00:00
Rawad BASSIL
0
Reputation points
0 answers
Google play update is disappeared from Security menu in Android CAT phone
Google play update is disappeared from Security menu in one of Android CAT phone which used by my mother watching YouTube last month. so far , can not update google play. There are hacking traffic to enable bluetooth, NFC, ons, emergency information…
asked 2024-05-30T05:54:21.9933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 65%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHY%3C/text%3E%3C/svg%3E)
Ho Yeung, Lee
1
Reputation point
edited the question 2024-05-30T05:57:13.1633333+00:00
Ho Yeung, Lee
1
Reputation point
1 answer
How to stop ATP clicking links in Phishing simulation emails
I have logged in to Microsoft Defender for O365 and configured the Phishing Simulation tab under Email & collaboration > Policies & rules > Threat policies > Advanced delivery. But something ATP wise is still clicking the links in my…
asked 2024-05-14T10:05:54.43+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 18%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
DOdmin
0
Reputation points
commented 2024-05-30T05:16:58.9166667+00:00
Akshay-MSFT
16,676
Reputation points Microsoft Employee
0 answers
Defender for cloud not enable some of the subscription
Hi, We have added 23 subscriptions to a single management group and enabled Defender for cloud at the management group level, and assigned NIST 00-53. However, only 2 of the 23 subscriptions are showing the Defender state as "OFF".…
asked 2024-05-30T02:20:43.16+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 72%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Joseph, Christopher
0
Reputation points
asked 2024-05-30T02:20:43.16+00:00
Joseph, Christopher
0
Reputation points
1 answer
Standard Recommendations with Source "Defender for Cloud"
Recommendations under Compliance Standards (e.g. Azure CSPM (Preview) Standard) are tagged with source field as "Policy" or "Defender for Cloud". whats the difference between recommendations that are sourced from policy vs defender…
asked 2024-05-23T20:55:59.75+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 17%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Tropo Bridge
0
Reputation points
edited a comment 2024-05-29T14:03:09.0466667+00:00
Tropo Bridge
0
Reputation points
1 answer
Enable Defender For Storage malware scanning using ARM template.
I have this resource definition: //Defender For Storage { "type": "Microsoft.Security/DefenderForStorageSettings", "apiVersion": "2022-12-01-preview", "name":…
asked 2024-05-29T10:34:05.5533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 54%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Denys Bielov
25
Reputation points
commented 2024-05-29T12:05:22.0166667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 50%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anushka
165
Reputation points
3 answers
One of the answers was accepted by the question author.
Error durin on-upload malware scan activation for storage account
I created Event Grid topic and want to assign it to Microsoft Defender report pipeline. When I enable on-upload scan for my storage account and select my topic, I get Plan enablement partially succeeded. Could not enable on-upload malware scanning:…
asked 2024-05-21T16:29:33.4633333+00:00
Denys Bielov
25
Reputation points
answered 2024-05-29T10:30:08.2266667+00:00
Denys Bielov
25
Reputation points
1 answer
Microsoft 365 Defender - How to get more meaningful email alerting?
How can I get more meaningful email alerts using the Microsoft 365 Defender? Because every time I get the email alert, the email is not as informative like the below: Microsoft 365 Defender has detected a security threat in your environment View incident…
asked 2024-05-27T13:00:44.4566667+00:00
EnterpriseArchitect
4,896
Reputation points
answered 2024-05-28T15:31:10.0266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Rich Matheisen
45,261
Reputation points