Jan 04 2024 03:42 AM
Hi,
Received an alert from endpoint stating that "Possible tampering with protected processes". Post checking the details it says "SenseCE.exe process protection level has dropped". Could someone help me with an investigation? SenseCE.exe is a Windows process don't know how it got downgraded. The screenshot is attached fyr.
Jan 16 2024 09:59 PM
Hey @Kapildev_C
Are you running any other antivirus or RMM (Remote Management and Monitoring) based services on that system by chance?
Im wondering if someone has tried to overrite the Microsoft Defender for Endpoint Sense Classification Engine (SenseCE.exe)
Are you running any labels or Data Loss Prevention policies across your fleet?
Jan 17 2024 02:16 AM