User Profile
nopnop
Copper Contributor
Joined 4 years ago
User Widgets
Recent Discussions
- Again Help with Discover FunctionsHi, We are getting alerts named "PowerShell Suspicious Discovery Related Windows API Functions" about executing a ps script named with numbers under the path "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\DataCollection\". Are these legit actions or not? The query contains: NetShareEnum NetWkstaUserEnum NetSessionEnum NetLocalGroupEnum NetLocalGroupGetMembers DsGetSiteName DsEnumerateDomainTrusts WTSEnumerateSessionsEx WTSQuerySessionInformation LsaGetLogonSessionData QueryServiceObjectSecurity Thank you.
- PowerShell Suspicious Discovery Related Windows API Functions alerts about C:\ProgramData\Microsoft\Hi, We are getting alerts named "PowerShell Suspicious Discovery Related Windows API Functions" about executing a ps script named with numbers under the path "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\DataCollection\". Are these legit actions or not? The query contains: NetShareEnum NetWkstaUserEnum NetSessionEnum NetLocalGroupEnum NetLocalGroupGetMembers DsGetSiteName DsEnumerateDomainTrusts WTSEnumerateSessionsEx WTSQuerySessionInformation LsaGetLogonSessionData QueryServiceObjectSecurity Thank you.
- Source Code ClassifierHi Everyone, I am sharing this topic again because I really need help. I've tried the same trainer in teams and it works. Why the endpoint does not work? I have a DLP policy for Endpoint in Purview as the following: I want to detect when any source code shared and block. But when I try to share a code file e.g within a browser it does not block, I cannot detect. ,the policy does not work. Is it not work for endpoint? How can I make it work? Could you please help?
- Source Code Trainable ClassiferHi Everyone, I have a DLP policy for Endpoint in Purview as the following: I want to detect when any source code shared and block. But when I try to share a code file e.g within a browser it does not block, I cannot detect. ,the policy does not work. Is it not work for endpoint? How can I make it work? Could you please help?
- Re: DLP License RequirementsI think I couldn't explain it clearly. What I want to learn simply is that how many license do i need. Do I need licenses as much as users or just one is enough to use DLP for endpoint feature for the all company? Because to use that feature device onboarding is needed. So, should I buy the licenses for each device? This is not a situation related terms violation.4KViews0likes1Comment
- Re: DLP License RequirementsI couldn't find the answers which I'm looking for from there. So, I have just one Microsoft 365 E5 License, I can continue to use the DLP for Endpoint for the all company users without assigning it as long as the License is available? That is true?VasilMichev4.2KViews0likes3Comments
- DLP License RequirementsHi everyone, I have using DLP endpoint as trial. Now I purchased an E5 license. What to do to continue use the DLP without losing any config or data? Does it matter who am i assigning or do I have to assign someone? One E5 license are enough for our company or how manyI need? CAn I use the DLP endpoint as long as E5 license expires or how? Do I need to take any action? Could you answer these questions please? Thank you so much.
Recent Blog Articles
No content to show