New blog post | One click to cover containers & Kubernetes in Defender CSPM (agentless)
Defender CSPM contextual security capabilities assists security teams in the reduction of the risk of impactful breaches. Defender CSPM uses environment context to perform a risk assessment of your security issues. Defender CSPM identifies the biggest security risk issues, while distinguishing them from less risky issues. One click to cover containers & Kubernetes in Defender CSPM (agentless) - Microsoft Community Hub
Submit same file twice get different results
Not sure if here is the right place to post this message. I have a c++ program build with Visual Studio 2017. I uploaded the exe file to security intelligence, and got "No malware detected" for both client and cloud protection, but after a while when I clicked the "Rescan Submission" button, it instantly showed "Program:Win32/Wacapew.C!ml" under cloud protection. The strange thing is, I uploaded the same file again as developer, it finally showed "No malware detected" after period of time waiting. How could this happen, same file got different results, really frustrating.alert on External Sharing event
I'm trying to create an alert that will inform Security team on External Sharing event from Teams. I found that there are some controls over SharePoint and then some Activity Types related to sharing... but I don't know what each of this action means and how to narrow down to only 'external sharing'? - is there detailed documentation describing each Action Type for each App? - how distinguish between external/internal? thx!
