User Profile

Sohel68

Copper Contributor

Joined 5 years ago

23 Posts2 Likes

View All Badges

User Widgets

Recent Discussions

Can MDE alert when user uploads data via web browser (Chrome\Edge)
I am looking to see if anyone has a rule set in MDE to send an alert when a useruploads data via a web browser (Chrome\Edge). I really appreciate any help you can provide.
Oct 02, 2023 Place Microsoft Defender for Endpoint
424Views
0likes
1Comment
Can Defender for Endppoint alert on the download of any executable from the Internet?
Looking to if this is even possible fromDefender for Endpoint alert on the download of any executable from the Internet? Thanks in advance
Sep 26, 2023 Place Microsoft Defender for Endpoint
651Views
0likes
1Comment
Looking for KQL query when high volume of USB writes happens by a user
Hello, I did some online search, but I couldn't find any working one yet. I'm looking for query which I can use in Advance threat hunting in MDE to generate an alert when a user copies huge number of data to an external USB drive. your help is much appreciated. thanks.
Jul 12, 2023 Place Microsoft Defender for Endpoint
3.7KViews
0likes
8Comments
How can I de-duplicate systems in Intune
Any ideas? Thanks.
Feb 28, 2022 Place Microsoft Intune
MEM
7.2KViews
1like
10Comments
Block Bluetooth file transfer
Can we use Defender for Endpoint to block file transfer using Bluetooth? We use Intune\MEM. Thanks.
Feb 19, 2022 Place Microsoft Defender for Endpoint
35KViews
0likes
5Comments
How to import bulk indicators to Microsoft defender security center
Hello, I'm new in Microsoft, I'm trying to import IoC's using a CSV file to "Microsoft Defender Security Center -> Indicators". I know how to do a single hash, but I'm looking for bulk import. sample file is not very hlepful. Any suggestions!! Thanks.
May 11, 2021 Place Microsoft Defender for Endpoint
8.3KViews
0likes
1Comment
Managing Bitlocker from MEM vs Config manager
I'm new to Microsoft Bitlocker, currently we use McAfee to manage and encrypt our devices, however, the plan is to move all devices to Microsoft and manage them via Intune/MEM in a few months. I'm running into issues with Bitlcoker policies, they are not getting applied properly when applied from Intune/MEM. Microsoft support is recommending that I should consider using a standalone "MBAM". We have SCCM (Config manager) in place and our systems are co-managed. Our workload has been configured for Intune\MEM to manage "Endpoint protection". Questions: 1) Should I use SCCM (config manager) just for "Bitlocker" and disable "Bitlocker" policy in Intune\MEM? 2) Manage "Bitlocker" policy from Intune\MEM only? 3) Setup a standalone MBAM to manage "Bitlcoker"? Your help is much appreciated
Feb 22, 2021 Place Configuration Manager
Managing Bitlocker
1.8KViews
0likes
3Comments
Migrating to Bitlocker
Hello all, I'm new to Microsoft, we have been a McAfee shop for a long time and now moving to Microsoft world. I have configured and created policies for Bitlocker in Intune, however, when I move systems to device group in Intune Bitlocker is not becoming active. Systems are hybrid joined. anyone migrated from McAfee encryption to bitlocker? and if so, can you share your experience? also, is it better to manage bitlocker policies from SCCM (configuration manager)?
Feb 12, 2021 Place Microsoft Learn
463Views
0likes
0Comments

Groups

Recent Blog Articles