cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Defender for Endpoint for macOS feedback

Danny Grasso
Brass Contributor

‎Aug 30 2021 08:33 PM

‎Aug 30 2021 08:33 PM

Defender for Endpoint for macOS feedback

Hi MDE humans,

 

Two points of feedback to MDE on macOS which we are trialing internally. 

Client ran a full scan after being concerned about security on their macOS. The full scan scanned not only the root volume but also the time machine mount attached to the mac. The issue was that the time machine device stored terabytes of data and took days to scan.

The interesting behavior out of this is that while MDE detected adware within a DMG, I did not get an alert in M365 Defender until the scan had finished.

 

So two requests:

1. Is there a way to limit scanning to not follow symlinks across the network - similar to how a full scan on Windows will do C: by default but not network attached drives.

2. Can we be notified through MDE when the threat is found in a full scan - not on completion of the scan.

 

Thanks

 

Danny

 

454 Views
0 Likes
0 Replies
Reply
0 Replies