Recent Discussions
Want to earn an Exclusive Security Tech Community Badge? Take our quick survey!
Hey there Security Tech Community! As we prepare for Microsoft Ignite, we’re building a focused, practitioner-led security roundtable and we want your input to ensure it reflects the most relevant and pressing topics in the field. We invite you to take a short survey and share the security topics, trends, and technical questions you want to see covered. Your input will directly influence the structure and substance of the Ignite Security Roundtable. The first 5 people to post a screenshot for proof of survey completion in the comments below will receive this "Microsoft Security Star" Badge to add to their Tech Community profile! TAKE THE SURVEY NOW: https://aka.ms/IgniteSecurityRoundtableSurvey2025
Low reputation
I am an independent developer, and I've been unable to publish https://github.com/teamatica on the Microsoft Store for about https://teamatica.org/history-en.txt — it keeps getting rejected due to "10.2.10 Security": I realize this is because I'm not well-known, but how can I build a reputation when it’s impossible? Microsoft blocks the download: Microsoft even prevents it from being opened: Sure, I could provide a step-by-step guide on https://teamatica.org/check-digital-signature-dark-en.gif my app, but, as experience has shown, users don’t trust unfamiliar apps (and rightly so!), because Microsoft has conditioned them for years to avoid running unknown software: "Make sure you trust before you open it" and "Running this app might put your PC at risk". Don't get me wrong: as a regular user, I fully support these security measures because they truly work and help. But as an independent developer, I don’t know what to do :( My app doesn't engage in cryptojacking, doesn't initiate unauthorized network activity, and https://app.any.run/tasks/0faaf878-0f1f-49fc-a6a4-2c197bd9ac48 to users — it doesn't transmit any data to me and/or third parties, doesn't use telemetry and/or monitoring tools, doesn't track actions and/or location, doesn't have built-in diagnostics and/or analytics, doesn't request privilege escalation, doesn't collect statistics and doesn't learn from personal data. My app passes all the necessary https://www.microsoft.com/en-us/wdsi/filesubmission: And I can’t afford an https://ssl.com/faqs/which-code-signing-certificate-do-i-need-ev-ov/ since I’m an individual, not an organization: But my app gets blocked anyway. So... does anyone have any ideas on what I can do in my situation?Microsoft Security Fun Friday Week 5! This week's game- Spot the Phish!
Hey there Security Tech Community! We're back with Week 5 of our Security Fun Fridays. This week's game is Spot the Phish! Phishing is a very common cyberattack that typically targets emails and lures victims to click phony hyperlinks that share their personal information. Below I will post 3 screenshots of example Phishing Attacks and I want you to identify the most OBVIOUS ISSUE in each one. The first 2 people to respond in the comments with all 3 correct answers will earn our new "Microsoft Security Star" Badge to add to their profile. I will give everyone until Wednesday 3/19 to guess before I reveal the correct answers and award the badges (so even if 2 people answer before you, they may not be correct). Good luck! Note: This badge is only given out during Fun Friday games or by being an outstanding member of the community, so it is very exclusive! SPOT THE PHISH!
Microsoft Security Fun Friday Week 4! This week's game- FACT OR FICTION
Hey there Security Tech Community! We're back with Week 4 of our Security Fun Fridays. This week's game will be Fact or Fiction! Below are FIVE statements related to cybersecurity and it is up to YOU to determine whether the statements are Facts (true) or Fiction (false). The first THREE people to respond below in the comments with all five correct answers will earn our new "Microsoft Security Star" Badge to add to their profile. I will give everyone until TUESDAY 2/25 before I post the answer key and award the badges (so even if 3 people answer before you, they may not be correct). Good luck! Note: This badge is only given out during Fun Friday games or by being an outstanding member of the community, so it is very exclusive! STATEMENTS: An organization has deployed Microsoft 365 applications to all employees. Per the shared responsibility model, Microsoft is responsible for the accounts and identities relating to these employees. Data sovereignty is the concept that data, particularly personal data, is subject to the laws and regulations of the country/region in which it's physically collected, held, or processed. Multifactor authentication works by requiring a user to provide multiple forms of identification to verify that they are who they claim to be. The Zero Trust model operates on the principle of “constantly be collecting information about your systems, vulnerabilities, and attacks.” Wardriving is the name of a common network attack where the cybercriminal compromises a router in the network to eavesdrop on, or alter, data.Microsoft Security Fun Friday Week 2! This week's game- Security Crossword.
Hey Tech Community! We're back with Week 2 of our Security Fun Friday. The first to complete and post a screenshot in the comments of today's Security-themed Crossword Puzzle will earn our new "Microsoft Security Star" Badge to add to their profile! This badge will only be given out during these Fun Friday games or by being an outstanding member of the community, so it will be very exclusive! Also just like last week, if you have any ideas of other fun games that you would like to see in the future, please comment below. Good luck and happy solving!
Easiest way to view remediated risk detections?
I'm looking in Lighthouse at a series of risky logins that are remediated. The thing is, this tenant previously experienced a breach that got remediated, so I'm trying to be extra cautious. When I click "View in Entra", it brings up no risk detections. If I navigate to Protection > Risky Activities > Risky Sign-Ins I get nothing. Switching to all statuses, I still get nothing. Same thing happens if I got to Risk Detections, nothing. Short of bringing up each user, and checking every single login to try to find what was risky, is there a way I can see these once the statuses are remediated? It seems like I SHOULD able to... But here are the different ways I've tried filtering Risk detections: Risky Sign-Ins Trying to understand the users popping in Lighthouse, but they don't appear with any of these filters (or the defaults).... Anyone able to advise? THanksDLP Policy Tip Stopped Working in SharePoint/OneDrive
Greetings, I created a DLP policy in Microsoft Purview several years ago to display a policy tip to users and it has been working until recently. No changes have been made to the policy. Now, when I go to a SharePoint document library, whether I hover on a sensitive document to see the "View policy tip" or select on the details pane, I no longer see the policy tip information. If I try to share the sensitive document, I also see the "View policy tip". However, this time it shows a Policy tip details dialog box "Policy tip couldn't be displayed. Please try again." Has anyone seen this? Could you share the solution to fix it? Thanks!
Unable to access Update 3 for Microsoft Advanced Threat Analytics 1.9
Hi, Microsoft Tech Community and Ricky Simpson from Microsoft, I cannot download Update 3 for Microsoft Advanced Threat Analytics 1.9. Whenever I tried to access the download update from this https://support.microsoft.com/en-us/topic/description-of-update-3-for-microsoft-advanced-threat-analytics-1-9-954cb9b7-9646-78ce-2000-2a257b64df7c, it seemed the ID number 56725 was missing, and an error code of 404 was returned. Tried URL: https://www.microsoft.com/download/details.aspx?id=56725 Hope you can fix this problem as soon as possible, because Microsoft ATA still plays an important role in most of the enterprise network, including my company's network. Best regards for all people in the communityMissing remediation actions
Hi everyone, Remediation actions such as Disable/Enable user in AD, Force password reset are currently not available through the Defender portal (user page, advanced hunting). Anyone aware of this change? https://learn.microsoft.com/en-us/defender-for-identity/remediation-actions#supported-actions
MDI & gMSA config
Hi, We have followed the MDI Deployment guide from Microsoft: https://learn.microsoft.com/en-us/defender-for-identity/deploy/deploy-defender-identity We have also cross referenced this guide: https://jeffreyappel.nl/how-to-implement-defender-for-identity-and-configure-all-prerequisites/ The MDI Portal shows the gMSA account. The MDI agents are running fine and reporting to the MDI Portal. However, when we look at Services.msc on the Domain Controllers, the MDI agent runs under the security context of "Local Service" and not the gMSA account. Can anyone advise us on whether this is correct? or should we see the gMSA account in Service.msc console? And what other config may be required to make it run under the gMSA account? Thank you SK (screenshot below)
Events
We begin our webinar series with a review of the latest IDC whitepaper on secure access strategies for the AI era. The document examines how organizations are focusing on integrating identity and net...
Online
The second webinar bridges theory to practice. Now that you know why unification matters, it’s time to learn how to get started. In this foundations panel session hosted by Identity Expert, Merill Fe...
Online
Recent Blogs
- 4 MIN READAs organizations navigate the complexities of modern cloud environments, embedding security early in the architecture lifecycle proves invaluable. For privacy and compliance requirements I will p...Sep 24, 2025
- 7 MIN READIn today’s rapidly evolving threat landscape, cybersecurity demands more than just great technology—it requires great teamwork. That’s the story behind the collaboration between Microsoft Defender Ex...Sep 18, 2025
