SOLVED

defender rules/definitions

%3CLINGO-SUB%20id%3D%22lingo-sub-2238391%22%20slang%3D%22en-US%22%3Edefender%20rules%2Fdefinitions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2238391%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EIs%20it%20possible%20to%20get(read)%20the%20list%20of%20active%20defender%20rules%2Fdefinitions%3F%20For%20example%2C%20the%20list%20of%20all%20file%20hashes%20that%20defender%20checks%20for%3F%20Or%20all%20the%20malware%2Fvirus%20samples%20defender%20already%20has%20protection%20for.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EWe%20basically%20want%20to%20know%20if%20there%20are%20currently%20any%20definitions%20for%20this%20new%20Pheonix%20Ransomeware.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2238391%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EDefender%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ERules%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2251381%22%20slang%3D%22en-US%22%3ERe%3A%20defender%20rules%2Fdefinitions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2251381%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F723498%22%20target%3D%22_blank%22%3E%40LuisRomero%3C%2FA%3E%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20view%20Threat%20Intelligence%20information%20about%20threats%20like%20Phoenix%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fwdsi%2Fthreats%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fwdsi%2Fthreats%2F%3C%2FA%3E%26nbsp%3B(you%20can%20search%20for%20threats).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAdditionally%2C%20you%20can%20see%20more%20information%20about%20Microsoft%20Security%20Intelligence%20here%3A%20%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fwdsi%2Fthreats%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fwdsi%2Fthreats%2F%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EDoes%20that%20help%3F%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EThanks%2C%3C%2FP%3E%0A%3CP%3EMarc%3C%2FP%3E%3C%2FLINGO-BODY%3E
Regular Visitor

Is it possible to get(read) the list of active defender rules/definitions? For example, the list of all file hashes that defender checks for? Or all the malware/virus samples defender already has protection for.

 

We basically want to know if there are currently any definitions for this new Pheonix Ransomeware.

1 Reply
best response confirmed by LuisRomero (Regular Visitor)
Solution

@LuisRomero,

 

You can view Threat Intelligence information about threats like Phoenix here: https://www.microsoft.com/en-us/wdsi/threats/ (you can search for threats).

 

Additionally, you can see more information about Microsoft Security Intelligence here: https://www.microsoft.com/en-us/wdsi/

 

Does that help?


Thanks,

Marc