Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,160 questions
40 questions with Microsoft Defender for Endpoint Training-related tags
1 answer
Endpoint DLP still shows disabled even after onboarding the device in MDE
I've seen somewhere that onboarding the device in MDE won't be requiring to onboard the device to Purview portal for DLP to work but below image shows that my Endpoint DLP Status is disabled. Take note that these machines are non-domain joined. In the…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 30%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
0 answers
Despite creating an Activity alert in the Microsoft Defender portal, we are still not receiving any alerts.
Despite creating an Activity alert in the Microsoft Defender portal, we are still not receiving any alerts.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 35%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
2 answers
Can I subscribe Defender Plan II and Intune Plan I standalone without subscribing whole E3 or E5 package?
Hello, I would like to check if it is possible to subscribe Microsoft Defender plan II and Microsoft Intune plan I standalone if needed and Microsoft allows it.
asked 2024-09-11T13:52:28.2566667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 2%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
ashish shukla
0
Reputation points
edited the question 2024-09-16T04:30:01.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 2%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
kguntaka
2,545
Reputation points Microsoft Vendor
2 answers
Loss of CWPP protection with AMA Usage
**Please understand that the context may be awkward as I used a translator. Hello, We are an Azure MSP provider. Our customer is currently using Microsoft Defender for Cloud (MDC) with Server Plan 1 activated. Previously, the Log Analytics Agent (MMA)…
asked 2024-09-04T12:10:40.6666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(156.8, 12%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
용현 정
40
Reputation points
edited an answer 2024-09-09T12:48:09.2233333+00:00
Andrew Blumhardt
9,856
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Defender for Endpoint log retention
Hi there, In order to increase data retention for CloudAppEvents or DeviceRegistryEvents tables i know we can ingest them in Microsoft Sentinel. My question is if there is another way to store these logs? I just want to retain the logs for cold storage…
asked 2024-08-27T11:01:19.6966667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 75%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELS%3C/text%3E%3C/svg%3E)
Luís Costa
226
Reputation points
accepted 2024-09-04T08:37:40.4033333+00:00
Luís Costa
226
Reputation points
1 answer
Will enabling "Agentless scanning and MDE for Microsoft Defender for cloud" impact any existing resources in Azure Subscription?
Can we enable "Agentless scanning and MDE for Microsoft Defender for the cloud" in Azure subscription without impacting existing subscription resources?
asked 2024-08-09T16:33:33.7066667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 79%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Solution Developer
0
Reputation points
commented 2024-09-02T16:14:45.1533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Givary-MSFT
32,501
Reputation points Microsoft Employee
1 answer
unable to run the Phishing simulation from inside Defender
I am unable to run the Phishing simulation from inside Defender I get the following error: Diagnostic…
asked 2024-08-26T14:07:57.98+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(192, 14.000000000000002%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDA%3C/text%3E%3C/svg%3E)
Daniel Araneda
0
Reputation points
answered 2024-08-29T06:02:26.73+00:00
Givary-MSFT
32,501
Reputation points Microsoft Employee
2 answers
One of the answers was accepted by the question author.
Defender for Server Policies
Hello For servers that are onboarded to Defender for Cloud and have the server plan activated, are the AV policies controlled from the Endpoint security policies? Can Servers have endpoint security policies pushed to them, even if they are not onboarded…
asked 2024-04-01T20:38:54.3666667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 26%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
berketjune2012
371
Reputation points
commented 2024-08-28T14:39:33.02+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 30%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
jason coyne
0
Reputation points
1 answer
One of the answers was accepted by the question author.
Do Defender for Endpoint license pricing differ whether the endpoint is a server or a client machine?
Do Defender for Endpoint license pricing differ whether the endpoint is a server or a client machine?
asked 2024-08-23T09:11:30.99+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 96%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEE%3C/text%3E%3C/svg%3E)
Ergon Erik
20
Reputation points
accepted 2024-08-26T06:57:04.47+00:00
Ergon Erik
20
Reputation points
1 answer
MDE Extension not getting installed
Hi All, We have enabled option inside the Microsoft defender for cloud to install the MDE extension and onboard the systems automatically to MDE portal. We have windows 10 22H2 multi session VMs running as AVD session hosts. But we don't see MDE…
asked 2024-08-20T08:28:25.57+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 6%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Shinde, Balaji
116
Reputation points
answered 2024-08-23T23:43:13.81+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT
36,846
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Anyone managed to get IoCs ( threat indicators ) from Sentinel to Defender for endpoint
Currently I have some scripts running on a cron job that import IoCs to defender for endpoint indicator list ( this allows blocking on the endpoints) . We have recently setup a Sentinel instance and it’s pretty easy to add threat intel to Sentinel via a…
asked 2024-08-12T07:21:48.0933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(140.8, 25%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENG%3C/text%3E%3C/svg%3E)
Nicholas Giannoulis
20
Reputation points
accepted 2024-08-14T06:31:26.0333333+00:00
Nicholas Giannoulis
20
Reputation points
0 answers
Defender for Endpoint for Linux - View Threat Telemetry
Hi We have a fleet of around 1000 RHEL 7.2 systems that we wish to onboard to Microsoft Defender. There are a mix of DEV, Pre-Prod, PROD and run Web, DB + enterprise Apps for the business. We want to ensure that we can simply onboard them in a passive…
asked 2024-08-03T22:21:11.3533333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 5%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETM%3C/text%3E%3C/svg%3E)
Taranjeet Malik
546
Reputation points
commented 2024-08-11T23:37:05.6333333+00:00
Taranjeet Malik
546
Reputation points
2 answers
One of the answers was accepted by the question author.
How do I block All Games/Gaming applications in Intune
I am asked to block users from being able to download/install games/gaming applications on their window devices, whether it's from the MSFT store, the web, online, etc. How do I block this in Intune? How can I block all the gaming applications from…
asked 2024-08-08T19:39:06.7766667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 30%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JBreeze
20
Reputation points
answered 2024-08-08T21:32:17.7433333+00:00
James Hamil
24,576
Reputation points Microsoft Employee
1 answer
How do I escalate to open a support ticket for a Microsoft platform that doesn't work, so you get routed to Microsoft Learn
The Microsoft Training Campaign does not work when a user list of domain users is uploaded via a CSV file. There is the option to upload users, the user list shows up as uploaded, but no emails or training campaigns are ever sent out. We've tried setting…
asked 2024-07-31T20:11:53.17+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 23%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKA%3C/text%3E%3C/svg%3E)
Keya Arestad
0
Reputation points
commented 2024-08-03T11:50:58.0833333+00:00
kguntaka
2,545
Reputation points Microsoft Vendor
2 answers
Offboarding a Device from MDE with a Deleted Tenant ID
I have a device that was onboarded to MDE under a DemoTenant that no longer exists. Now, I want to offboard it and onboard it to a new tenant. Can someone please assist?
asked 2024-03-28T09:33:03.83+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 0%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Danish Batliwala
0
Reputation points
answered 2024-07-26T08:46:13.52+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 13%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGL%3C/text%3E%3C/svg%3E)
Gokul Lal
0
Reputation points
0 answers
KQL Query works in editor but not in Custom Detection Rules (scheduled)
I have the following query to find machines that have their Real Time Protection disabled: DeviceTvmSecureConfigurationAssessmentKB | join kind=innerunique DeviceTvmSecureConfigurationAssessment on ConfigurationId | join DeviceEvents on DeviceId | where…
asked 2024-07-23T11:28:50.28+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 40%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
Christoffer Brydensholt
0
Reputation points
commented 2024-07-26T02:38:51.59+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 86%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
AmaranS
6,415
Reputation points Microsoft Vendor
1 answer
Endpoint Onbroading question
Hi, I have a question about onboarding powershell command. powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference = 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe',…
asked 2024-07-10T16:48:33.9266667+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 49%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIS%3C/text%3E%3C/svg%3E)
Irin Sultana
377
Reputation points
commented 2024-07-15T06:08:09.9866667+00:00
Givary-MSFT
32,501
Reputation points Microsoft Employee
1 answer
One of the answers was accepted by the question author.
Is there a difference between SCCM endpoint and Defender for endpoint (P1 and P2)?
Can someone explain the difference between SCCM endpoint and Defender for endpoint (P1 and P2)? Also, I'd like to know if Defender for endpoint is an upgrade to SCCM endpoint and if it is worth the additional cost.
asked 2024-07-01T13:27:06.51+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 63%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECF%3C/text%3E%3C/svg%3E)
Colin Freriks
20
Reputation points
commented 2024-07-03T22:18:02.18+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 76%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
VarunTha
8,060
Reputation points Microsoft Vendor
1 answer
How to onboard Defender via userdata scripts?
I am trying to onboard defender to windows servers. By following onboarding steps 1 to 4 in this doco, I was able to onboard defender to windows servers manually. However, we are using userdata powershell scripts for our windows server. I need to put all…
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 95%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBL%3C/text%3E%3C/svg%3E)
1 answer
How to fully Uninstall/Clean-up Microsoft Defender Endpoint
Hello, We are having issues trying to use a migration tool to move our devices to another Microsoft tenant. It seems to be struggling gaining access and deleting a regkey that is link to a service for MDE. The tool is running and using the system…
asked 2024-06-27T13:23:57.6933333+00:00
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 14.000000000000002%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Dan Beeney
0
Reputation points
commented 2024-06-28T15:08:27.03+00:00
Dan Beeney
0
Reputation points