cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Defender monitoring "browser extensions"

Matthias_Maier
Copper Contributor

‎Aug 24 2023 08:14 AM

‎Aug 24 2023 08:14 AM

Defender monitoring "browser extensions"

Hi Community,

I started the 90day trial of "Microsoft Defender Vulnerability Management Add-on" for my users/computers.
I like to see all installed browser extensions to verify if we need to react and manage them.


Sadly only a 13 out of 130 clients are sending data to the portal. (running the test already for a week now)
I have not found any logs or information which way the computers send their information to the defender portal.

Any suggestions here?

 

Not sure but maybe also only a few PCs report ASR-Audit/Warn/Block messages.

 

Thx

324 Views
0 Likes
4 Replies
Reply
4 Replies
eliekarkafy

‎Aug 24 2023 11:12 AM

‎Aug 24 2023 11:12 AM

Re: Defender monitoring "browser extensions"

did you license all the users that are using Microsoft Defender Vulnerability Management ?
0 Likes
Reply
Matthias_Maier

‎Sep 04 2023 12:15 AM

‎Sep 04 2023 12:15 AM

Re: Defender monitoring "browser extensions"

Microsoft wrote that during the test-phase all users are licensed automatically...
which also seems to work, because users / devices which report data are also having no license assigned

I have been on holiday for a week and had the settings running
still only 15 out of 100 PCs are reporting
0 Likes
Reply
eliekarkafy

‎Sep 04 2023 01:21 AM

‎Sep 04 2023 01:21 AM

Re: Defender monitoring "browser extensions"

@Matthias_Maier verify the add on license from the licensing blade is assigned to the users that have devices onboarded to MDE  

 

eliekarkafy_0-1693815674250.png

 

0 Likes
Reply
Matthias_Maier

‎Sep 07 2023 06:57 AM

‎Sep 07 2023 06:57 AM

Re: Defender monitoring "browser extensions"

I tried with my user and a licensed assigned for a few days now...
still no data received.

It is not duo to licensing... Computers/Users reporting data have also no license assigned.
Like I wrote "during the test-phase all users are licensed automatically"

It has to be some kind of setting which blocks most of the computers to report data.
It is not in our network, since office, homeoffice and remoteoffice some computers report, most do not report.

Is there anyone who knows which log-files are interesting to look at or some registry-settings?
I can't find any technical information about how the browser-extensions are checked and communicated from defender to azure.

Thx
0 Likes
Reply