User Profile
BillClarksonAntill
Iron Contributor
Joined 6 years ago
User Widgets
Recent Discussions
Re: Report file read on storage account
Heydrhorg2230 Some additional questions to assist you Are you storing this in a storage account using blob storage, and have you considered defender for storage as a defense mechanism Monitoring is another option, but are you wanting to monitor for security or usage?362Views0likes0CommentsRe: DLP policy is not syncing with endpoints for more than 5 days
Heysaravanan82 I'm starting to wonder if its an issue between the Tenant and the Device? Have you by chance checked with Microsoft to see if they are experiencing any issues? Also have you tried to reinstall the agent to make sure its up-to-date on the device?Re: How does Microsoft Azure ensure data security & compliance for businesses storing PII data
HeyAashimaSharma Just to confirm,How does Microsoft Azure ensure data security & compliance for businesses storing PII datais your question? Microsoft has many compliance standards its infrastructure needs to follow. If you are looking for information on this, see the below links Datacenter Security here Microsoft Azure Compliance Documentation here871Views0likes0CommentsRe: DLP policy is not syncing with endpoints for more than 5 days
Heysaravanan82 If you're leveraging endpoint dlp and have onboarded devices to Microsoft Purview, you will be able to tell a specific device to sync with purview to receive it's assigned policies, but only if the device is reporting as being out of sync. To do this, you can: login tocompliance.microsoft.com Select "Settings" from the menu on the left Select "Device onboarding" Find and select any out of sync device if that doesn't work, try forcing a sync from in security.microsoft.com Select "Devices" Find the Device in your device inventory Click on the 3 dots and select policy sync This will be dependent on if you are using the MDE attach method with your device fleet or not6.4KViews0likes5CommentsRe: Possible tampering with protected processes on one endpoint
HeyKapildev_C Are you running any other antivirus or RMM (Remote Management and Monitoring) based services on that system by chance? Im wondering if someone has tried to overrite theMicrosoft Defender for Endpoint Sense Classification Engine (SenseCE.exe) Are you running any labels orData Loss Prevention policies across your fleet?829Views0likes1CommentRe: Office 365 Exchange Online is detected as a Risky workload
HeyProgentCT It would be a number of issues with this and why its being detected as a Risky workload, check out the following link for guidance Securing workload identities with Microsoft Entra ID Protection - Microsoft Entra ID Protection | Microsoft Learn Typically in my experience it could be the way the Service Principal has been configured etc Is there any further information you can provide without giving away any compromising details354Views0likes0CommentsRe: Get notified by email when someone tries access or login with service account credentials in m365 te
HeyVinodS2020 There are many different ways you could complete this Defender for Endpoint, Defender for Cloud Apps, Microsoft Sentinel I assume Defender for cloud apps would be your preferred option315Views0likes0CommentsRe: Where can i create a support ticket for an issue with MDATP (LINUX)
HeyMark_Alkema Few ways you can achieve this You can contact Microsoft Support via there phone numbers here or you can go into the security.microsoft.com portal and on the right upper most corner there is a question mark select that and type in some random text into the search field, and click enter After that the "Contact Support" button should appear down the bottom to create a ticket437Views0likes0Comments
Groups
Recent Blog Articles
No content to show