Microsoft 365 Defender Blog

Options
2,126
Heike Ritter on Oct 03 2022 12:45 PM
1,975
Simaya_Ouli on Sep 22 2022 06:40 AM
3,995
assafyatziv on Sep 22 2022 06:39 AM
3,143
Heike Ritter on Sep 01 2022 10:13 AM
10.3K
Tali Ash on Aug 24 2022 06:15 AM
6,530
doredry on Aug 24 2022 06:00 AM
6,506
Naama Schlesinger on Aug 18 2022 11:24 AM
5,185
Keith_Fleming on Aug 08 2022 06:00 AM
5,878
Heike Ritter on Aug 01 2022 09:13 AM
9,351
Heike Ritter on Jul 01 2022 08:21 AM
4,895
Yulia_Zhurbinsky on Jun 23 2022 01:31 PM
5,024
Oren_Saban on Jun 20 2022 08:12 AM
2,537
Idan_Pelleg on Jun 16 2022 05:46 AM
2,709
Michael Shalev on May 18 2022 12:27 AM
2,214
Anand Menon on May 13 2022 05:24 PM
13.5K
assafyatziv on May 12 2022 09:31 AM
5,850
Tali Ash on Mar 09 2022 09:48 AM
3,168
Idan_Pelleg on Mar 06 2022 01:07 AM
5,725
Oren_Saban on Feb 22 2022 01:51 PM
3,487
Michael Shalev on Feb 17 2022 10:17 AM
4,428
assafyatziv on Dec 15 2021 03:15 AM
3,826
Chris Hallum on Dec 07 2021 10:57 AM
7,698
Tali Ash on Nov 02 2021 01:13 PM
3,462
Idan_Pelleg on Oct 03 2021 07:29 AM
13.3K
Idan_Pelleg on Sep 02 2021 08:22 AM
5,559
VipulPandey on Aug 24 2021 05:33 AM
13.5K
Heike Ritter on Aug 13 2021 10:05 AM
5,750
Heike Ritter on Aug 04 2021 11:33 AM
5,146
Aviv_Eldan on Jul 08 2021 09:18 AM

Latest Comments

Security experts at ACE Managed Security are thrilled at the announcement of the unified threat intelligence community. With new threats emerging at any given moment, being a part of a community of threat hunters will benefit from SIEM analysts and threat responders immensely. ACE Managed SIEM, one ...
0 Likes
Do you happen to know if this will be able to delineate MDE alerts which have had suppression applied or if excludes them altogether? The old v1 Alerts Graph excluded them but the new Streaming API does not which forced us to stay with SIEM API because of the APIs inability to do this. Roadmap wise,...
0 Likes
Hello @Keith_Fleming , thank you. Currently, I do not have a requirement for this. I just thought about it, because it might become a requirement to have multiple session policies targeting the same group.
0 Likes
Hi @MOD-A830, The scoping for the label occurs in the CA policy in this case with the use of authentication context. If you do have multiple policies scoped to SharePoint that overlap with multiple groups its possible you might seem some unexpected behavior. Currently the Defender for Cloud Apps pol...
0 Likes
Can this policy (in Defender for Cloud Apps) conflict with any other policies that are filtered to SharePoint Online as app? For example, if I want to block file download for sensitive data from SharePoint for a specific group, then I would scope my CA policy to this group and add a filter in Defend...
0 Likes