Missing alerts from MDI, suspicious additions to sensitive groups

Don't forget to mark helpful and like my comment if you find helpful

If you are experiencing missing alerts from Microsoft Defender and suspicious additions to sensitive groups, it could be an indication of a potential security threat or a misconfiguration of your system. Here are some steps you can take:

1. Check the configuration of Microsoft Defender: Make sure that Microsoft Defender is properly configured and that all the necessary features are enabled. Check if the alert settings are properly configured and if there are any exclusions that might be affecting the detection of suspicious activities.
2. Run a full system scan: Perform a full system scan using Microsoft Defender to identify any potential malware or other security threats on your system.
3. Check group membership: Verify the membership of sensitive groups to ensure that only authorized users have access. Review the audit logs to determine if there have been any unauthorized changes to group membership.
4. Investigate suspicious activities: If you identify any suspicious activities or changes, investigate them further to determine the cause and take appropriate action. This could include disabling compromised accounts, revoking privileges, and changing passwords.
5. Consider getting help: If you are unable to resolve the issue on your own, consider getting help from a qualified security professional or Microsoft support. They can help you investigate and address the issue to ensure the security of your system.
Remember that prevention is always better than cure. Regularly updating your software and implementing strong security practices can help prevent security incidents before they occur.