Forum Discussion

53CU1t's avatar
53CU1t
Copper Contributor
Aug 23, 2022

Defender for endpoint (server) on azure DevOps agent pool

Hi,

I would like to know if defender for endpoint (server) on azure DevOps agent pool (virtual machine scale set) is recommended or actually supported. Every time the azure DevOps agent is installed on a agent pool machine the user AzDevOps is created and recognized as „creation of suspicious user account" a suspicious user was added alert in defender portal. What would you recommend to avoid that alerts? Suppress Rules based on F

Kind Regards Sebastian

1 Reply

  • ygnreddy's avatar
    ygnreddy
    Copper Contributor
    May 08, 2023

    53CU1t 

     

    We have noticed this too, Azure DevOps Agents Extension creates the user and we feel that is triggering the alert. But the alert won't get raised every time when the agent is started. Did you just suppress the alert or did you find the exact reason for that alert?