Forum Widgets
Latest Discussions
DevOps Security: MDC-ADO integration through Service account
Hi All, Is it possible to integrate MDC-ADO Integration with Service Account? When I attempted to authorize ADO in MDC during the integration process, it appears to only accept individual accounts. Does anyone have insights on how to utilize a Service Account for this integration?Cost Calculator for Defender for Cloud (Public Preview)
Did you know Microsoft Defender for Cloud has a built-in cost calculator to easily calculate the costs of protected resources in your cloud environment? No? Well, I didn’t either until I stumbled upon the button in the MDC portal myself. Apparently, Microsoft announced the preview for the MDC cost calculator last month, on February 19, 2025. With this post, I’m sharing my experience with this new cost calculator for Microsoft Defender for Cloud, providing guidance and comparing available options to calculate the costs. https://myronhelgering.com/cost-calculator-for-defender-for-cloud/
Sensitivity Data Flag will not be deleted after Settings are changed
We have a lot of storage accounts which are flaged with risk factor "Sensitive Data" which also means all storage Accounts which have this label have risklevel critical. We deactivated Sensitive Data Scan but nothing happens As I got it correct once a resource is flagged with "Sensitive Data" the flag will not delete anymore What we did so far: turn off/on/off… the data scanning turn off/on/off Data sensitivity deselect all of different data sensitivity categories like Finance, PII, and Credentials turn off/on/off threshold for sensitive data labels turn off/on complete Defender There is also a support ticket where the support can the recommendation was to open a discussion here to have the product team look at this error (#2502031420002278)
Alert FineTuning(Sev:Low): Vulnerability Scanner Detection
Hi, we are seeing a high number of "Vulnerability Scanner Detection" alerts and facing challenges during analysis: The alerts often show Microsoft IP addresses, and some of them appear malicious. Can we fine-tune this to capture the actual IP scanning the environment? How can we determine whether the scan was successful or failed, for example, by using status codes like 200 or 404? Is there a way to identify if the app service is using platforms like Joomla, Drupal, WordPress, or others? Looking forward to your support on this.
Enable Bring Your Own License (BYOL)
A customer uses Bring your own license (BYOL) capability, which is being deprecated, to deploy Qualys extension in their VMs. They are questioning about the deprecation, this deprecation implicates the deploy won't be more available, but what happen with the machines already has deployed the Qualys extension? Will the extension be removed from machines, since it was deployed via BYOL? Or after deprecated the extension continues working for the already deployed machines?Defender for Servers plans
Article: defender-for-servers This article states the plan names as Defender for Servers Plan 1 and 2. Neither of these show up in the licensing marketplace. I do see "Microsoft Defender for Business servers", but there are no level 1 or 2 options. The article above was last updated 12/2024. Not sure where to go from here.
Defender for Database - SQL Server on Machine Pricing
Hi Folks , while we enable defender on Databases ( enable SQL server on machine ) do we also need to enable on Server ( which is running SQL Server). Also defender for Server cost - 15$ /server/month and SQL Server on Machine cost -15$/Server/month, Separate cost for both will be applicable ? apart from enabling toggle do we need any addition configuration for enabling defender for Databases ?what is recommended setting of workspace for AMA configuration ( default or custom ) can we choose sentinel workspace ?
How to programmatically assign security standards on Defender for Cloud
Hi all, i would like to know if there is a way to programmatically (REST API, Terraform,...) activate custom secutity Standards on Defender for Cloud. Basically the step 6 on this guide https://learn.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages. I didn't found any way to do that. I have a policySet that i would like to activate in an automated way. Any ideas? Thank you in advance!Defender for Server deployed, integration for DfE checked, but M365 Defender showing "Can be onboard
I'm sure I'm missing something in the slightly complicated way of enabling servers for DfE via Defender for Cloud Server. The licensing is in-place the checkboxes to share data are ticked. The servers are showing as onboarded in Defender for Cloud however, the one portal to rule them all - Microsoft Defender 365 - is still showing the servers as "Can be onboarded" and missing the data of a properly onboarded DfE client. Where should I start my troubleshooting to determine what I've missed or what is going wrong? Paul
