Security, Compliance, and Identity AMA topics https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/bd-p/MicrosoftSecurityandComplianceAMA Security, Compliance, and Identity AMA topics Sat, 16 Oct 2021 11:00:50 GMT MicrosoftSecurityandComplianceAMA 2021-10-16T11:00:50Z That's a Wrap! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/2392905#M361 <P><SPAN>Thank you for j</SPAN><SPAN>oining us and voicing your questions and feedback during this fun hour.</SPAN></P> <P>&nbsp;</P> <P>We hope you'll continue to ask questions and share your feedback. If you have any further questions you are more than welcome to ask them in our dedicated space for <A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/bd-p/MicrosoftDefenderforOffice365" target="_self">Defender for Office 365</A>.</P> <P>&nbsp;</P> <P>See you next time! </P> <P>&nbsp;</P> <P>Summary attached.</P> Fri, 28 May 2021 16:43:36 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/2392905#M361 Trevor_Rusher 2021-05-28T16:43:36Z Off topic - MDI in portal https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/off-topic-mdi-in-portal/m-p/2392875#M360 <P>When can we expect to see the MDI config pages in the M365 Security Center?</P> Thu, 27 May 2021 16:58:59 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/off-topic-mdi-in-portal/m-p/2392875#M360 Dean Gross 2021-05-27T16:58:59Z We're making configuration easier than ever! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/we-re-making-configuration-easier-than-ever/m-p/2392824#M352 <P><SPAN>Over the past many months, we’ve been on an aggressive journey to eliminate misconfigurations across Office 365 – to give customers the right tools to achieve secure posture simply and maintain these configurations over time. To learn more, check out our recent blog series, <A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/mastering-configuration-in-defender-for-office-365-part-one/ba-p/2300064" target="_self">Mastering Configuration</A>!&nbsp;</SPAN></P> Thu, 27 May 2021 16:51:17 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/we-re-making-configuration-easier-than-ever/m-p/2392824#M352 Giulian Garruba 2021-05-27T16:51:17Z Whitelisting https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/whitelisting/m-p/2392823#M351 <P>1. We have some system mailboxes for ticketing systems where we need to ensure that mails are not blocked because of "Junk detection" but we still would want to block Spoof/Phishing mails. Right now the only real option seems to be to go with an ETR and set the SCL -1 which is allowing more than we want to. Is there a way to only disable the Junk Filter to avoid False/Positives in a scenario like this where we can not filter by senders?</P><P>2. Is there any information what exactly qualifies ad "high confidence phish"? Did not find anything so far.</P><P>3. The filtering stack diagram is great! Is there also any overview which parts are excluded for example when setting SCL -1 in a ETR? Or when working with allowed IPs in the Connection Filter.</P> Thu, 27 May 2021 16:51:15 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/whitelisting/m-p/2392823#M351 BlaaaBlaaBla 2021-05-27T16:51:15Z Microsoft Defender for Endpoint AV scan and Sandbox capability https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-for-endpoint-av-scan-and-sandbox-capability/m-p/2392743#M348 <P>Hi all, I am working in an organization which has Microsoft Defender E5 License. I wanted to ask two things,</P><P>1. After running a Full AV scan on endpoint device from Microsoft Defender for Endpoint, the report that we get is only completion report, no mentioning of how many files scanned and number of remediation's made by the AV. So can you help in this matter or is that i am missing something.</P><P>2. Is there any Sandboxing capabilities introduced in Microsoft o365 defender</P> Thu, 27 May 2021 16:49:08 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-for-endpoint-av-scan-and-sandbox-capability/m-p/2392743#M348 Mazhar1675 2021-05-27T16:49:08Z Investigating email threats is now easier than ever! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/investigating-email-threats-is-now-easier-than-ever/m-p/2392708#M347 <P>Have you tried the new capabilities that are now available to help Microsoft Defender for Office 365 and Microsoft 365 Defender customers investigate emails? Email preview for cloud mailboxes, exposing details for detonated URLs and attachments, header analysis and more!!</P> <P><A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/introducing-the-email-entity-page-in-microsoft-defender-for/ba-p/2275420" target="_blank">Introducing the Email Entity Page in Microsoft Defender for Office 365!</A></P> Thu, 27 May 2021 16:43:00 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/investigating-email-threats-is-now-easier-than-ever/m-p/2392708#M347 Sumit Malhotra 2021-05-27T16:43:00Z Defender for Endpoint WITHOUT SCCM or InTune https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-for-endpoint-without-sccm-or-intune/m-p/2392650#M342 <P>Much of the documentation online refers to other tools for managing Defender for Endpoint.&nbsp; Where can we find Endpoint best practice recommendations for direct management within the Security and Compliance Center itself?</P> Thu, 27 May 2021 16:36:39 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-for-endpoint-without-sccm-or-intune/m-p/2392650#M342 CAndersonBrouse 2021-05-27T16:36:39Z Enabling preset policies https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/enabling-preset-policies/m-p/2392535#M336 <P>How can determine what will be impacted if a preset policy is enabled? my clients want assurance that business processes won't be affected.</P> Thu, 27 May 2021 16:24:44 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/enabling-preset-policies/m-p/2392535#M336 Dean Gross 2021-05-27T16:24:44Z ZAP / Automated investigations API https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/zap-automated-investigations-api/m-p/2392534#M335 <P>As an MSSP we handle a lot of investigations is there a way to handle them through an API?</P> Thu, 27 May 2021 16:24:36 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/zap-automated-investigations-api/m-p/2392534#M335 KustoKing 2021-05-27T16:24:36Z Operationalizing the portal https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/operationalizing-the-portal/m-p/2392493#M333 <P>where can i find specific operational procedures for the integrated portal. There are so many choices and things that can be done, its hard to figure out what must be done each day, week, and month</P> Thu, 27 May 2021 16:22:45 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/operationalizing-the-portal/m-p/2392493#M333 Dean Gross 2021-05-27T16:22:45Z SCL/BCL levels https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/scl-bcl-levels/m-p/2392467#M332 <P>I've deployed several MDO instances, but deploying the settings always feels like making an educated guess.</P><P>&nbsp;</P><P>Is there a best practice to define the best way for the SCL level?</P> Thu, 27 May 2021 16:21:33 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/scl-bcl-levels/m-p/2392467#M332 KustoKing 2021-05-27T16:21:33Z Partial Remediation https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/partial-remediation/m-p/2392425#M331 <P>We are seeing many incidents with a Partially Remediated status. and the statement "<SPAN>A problem prevented the remediation of some malicious entities." What causes this, what is the problem and how can we fix it?</SPAN></P> Thu, 27 May 2021 16:20:20 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/partial-remediation/m-p/2392425#M331 Dean Gross 2021-05-27T16:20:20Z Have you checked out our recent Business Email Compromise blogs? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/have-you-checked-out-our-recent-business-email-compromise-blogs/m-p/2392424#M330 <P>Hello All,</P><P>Wanted to provide a refresher that we recently posted a series of blogs on Business Email Compromise and how MDO provides comprehensive protections. Would love to hear community feedback on it.</P><P>1.&nbsp;<A href="#" target="_blank" rel="noopener">Business email compromise: How Microsoft is combating this costly threat - Microsoft Security</A></P><P>2.&nbsp;<A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/business-email-uncompromised-part-one/ba-p/2159900" target="_blank" rel="noopener">https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/business-email-uncompromised-part-one/ba-p/2159900</A>&nbsp;</P><P>3.&nbsp;<A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/business-email-uncompromised-part-two/ba-p/2167246" target="_blank" rel="noopener">https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/business-email-uncompromised-part-two/ba-p/2167246</A>&nbsp;</P><P>4.&nbsp;&nbsp;<A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-defender-for-office/business-email-uncompromised-part-three/ba-p/2247693" target="_blank" rel="noopener">Business Email Compromise Part Three (microsoft.com)</A></P> Thu, 27 May 2021 16:21:47 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/have-you-checked-out-our-recent-business-email-compromise-blogs/m-p/2392424#M330 Abhishek Agrawal (CDM) 2021-05-27T16:21:47Z removing items from allow list https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/removing-items-from-allow-list/m-p/2392423#M329 <P>many of my clients want to keep items on the allow sender/domains list. How can I get them to stop doing this?</P> Thu, 27 May 2021 16:18:55 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/removing-items-from-allow-list/m-p/2392423#M329 Dean Gross 2021-05-27T16:18:55Z Estimate of Support Overhead https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/estimate-of-support-overhead/m-p/2392248#M311 <P>Question from&nbsp;<LI-USER uid="654750"></LI-USER>&nbsp;-</P> <P><SPAN>We're deploying this solution within my company - following the implementation phase, what would be the Microsoft estimate of the support overhead needed to maintain Defender for O365 in hours per month? Our MSP is implying 6-8 hours a month of on-going tuning.</SPAN></P> Thu, 27 May 2021 16:00:41 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/estimate-of-support-overhead/m-p/2392248#M311 Trevor_Rusher 2021-05-27T16:00:41Z Welcome to the Microsoft Defender for Office 365 AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-microsoft-defender-for-office-365-ama/m-p/2392230#M310 <P>Welcome to the Defender for Office 365 Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback directly to the Microsoft Defender for Office 365&nbsp;<SPAN style="font-family: inherit;">team.</SPAN></P> <P>&nbsp;</P> <P>Post your questions in a&nbsp;<STRONG>new thread</STRONG>&nbsp;within the&nbsp;<A style="background-color: #ffffff;" href="https://gorovian.000webhostapp.com/?exam=t5/security-compliance-identity-ama/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Security, Compliance, and Identity AMA Space,</A>&nbsp;by clicking on, "Start a New Conversation" at the top of the page.</P> <P>&nbsp;</P> <P>Subject Matter Experts- Please introduce yourself by replying to this thread.</P> <P>&nbsp;</P> Thu, 27 May 2021 16:00:08 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-microsoft-defender-for-office-365-ama/m-p/2392230#M310 Trevor_Rusher 2021-05-27T16:00:08Z Announcing a Microsoft Defender for Office 365 AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/announcing-a-microsoft-defender-for-office-365-ama/m-p/2351957#M301 <DIV class="lia-message-subject-wrapper lia-component-subject lia-component-message-view-widget-subject-with-options"> <DIV class="MessageSubject"><SPAN style="font-family: inherit;">We are very excited to announce our latest 'Ask Microsoft Anything' AMA centered around Microsoft Defender for Office 365. Learn more about how&nbsp;<SPAN>Microsoft Defender for Office 365 can help safeguard your organization against malicious threats posed by email messages, links (URLs), and collaboration tools.</SPAN></SPAN></DIV> </DIV> <DIV id="bodyDisplay" class="lia-message-body lia-component-message-view-widget-body lia-component-body-signature-highlight-escalation lia-component-message-view-widget-body-signature-highlight-escalation"> <DIV class="lia-message-body-content"> <P>&nbsp;</P> <P>The AMA will take place on Thursday, May 27, 2021, from 9:00 a.m. to 10:00 a.m. PT in the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/security-compliance-identity-ama/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Security, Compliance, and Identity AMA Space</A>. Add the event to your calendar and view it in your time zone<SPAN>&nbsp;</SPAN><A href="#" target="_blank" rel="nofollow noopener noreferrer">here</A>.</P> <P>&nbsp;</P> <P>An AMA is a live online event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit. This AMA gives you the opportunity to connect with members of the product engineering team who will be on hand to answer your questions and listen to feedback.<BR /><BR /></P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="MicrosoftDefenderforOffice365AMA.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/280537i8BD948CDE2EF89F2/image-size/large?v=v2&amp;px=999" role="button" title="MicrosoftDefenderforOffice365AMA.png" alt="MicrosoftDefenderforOffice365AMA.png" /></span> <P>&nbsp;</P> <P>&nbsp;</P> </DIV> </DIV> Thu, 13 May 2021 17:15:34 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/announcing-a-microsoft-defender-for-office-365-ama/m-p/2351957#M301 Trevor_Rusher 2021-05-13T17:15:34Z That's a wrap! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/2351941#M299 <P><SPAN>Thank you for j</SPAN><SPAN>oining us and voicing your questions and feedback during this fun and action-packed hour.&nbsp;</SPAN><SPAN>&nbsp;<BR /></SPAN><BR />Summary attached below.</P> Fri, 14 May 2021 19:13:49 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/2351941#M299 Dylan Snodgrass 2021-05-14T19:13:49Z Logging and Alerting in a Hybrid Environment https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/logging-and-alerting-in-a-hybrid-environment/m-p/2351788#M293 <P>So, I am working in a company where we are re-vamping the entire concept of how we do security, to include a centralized SOC/CERT at the company HQ-level, who are responsible for bringing logging in from ALL of our divisions and subsidiaries; translating those events into a common operational picture of the current state of alerts and events across the company; and investigating alerts and events that would indicate a security incident.</P><P>&nbsp;</P><P>We are going all-in on establishing a data lake where these events would be coming in, stored and analyzed. Still not sure about using Sentinel or going another route. My question to the team here...is there a definitive document or documents from MS that says, "these are the minimum logs you would want/need" for effective monitoring of a hybrid, on-prem, multi-cloud provider environment?</P><P>&nbsp;</P><P>A centralized, best practices documents or series of would be ideal!</P> Thu, 13 May 2021 16:29:05 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/logging-and-alerting-in-a-hybrid-environment/m-p/2351788#M293 Edwin_CyberSecurityGuy 2021-05-13T16:29:05Z Managed SOC https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/managed-soc/m-p/2351683#M282 <P>With the increasing popularity of Defender for Endpoint and the rest of the MS security stack would MS consider offering some sort of managed SOC service or is that something you would rather have other vendors do?&nbsp;</P> Thu, 13 May 2021 16:17:59 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/managed-soc/m-p/2351683#M282 joel_bello 2021-05-13T16:17:59Z Microsoft Defender for Endpoint on Mac https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-for-endpoint-on-mac/m-p/2351668#M281 <P><SPAN><LI-USER uid="1053111" login="Jody_Cedola"></LI-USER>&nbsp;</SPAN>What is the ETA for Defender for Endpoint supporting M1 Macs? Is there anything on the roadmap to be able to isolate Macs like can be done for Windows 10 devices?</P> Thu, 13 May 2021 16:17:40 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-for-endpoint-on-mac/m-p/2351668#M281 mcooper75 2021-05-13T16:17:40Z Better integration with defender and seintenl https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/better-integration-with-defender-and-seintenl/m-p/2351635#M280 Are there any plans for better integration for how events are handled with the two applications? Is it possible that if incident is closed in security get automaticity gets closed in seintel and vise versa Thu, 13 May 2021 16:19:32 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/better-integration-with-defender-and-seintenl/m-p/2351635#M280 shane007 2021-05-13T16:19:32Z Ingesting data from Drupal https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ingesting-data-from-drupal/m-p/2351357#M279 <P>A client want to ingest data from Drupal into Sentinel. Does anyone have any suggestions about which approach would be appropriate?&nbsp;<LI-USER uid="46875"></LI-USER>&nbsp;</P> Thu, 13 May 2021 15:42:26 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ingesting-data-from-drupal/m-p/2351357#M279 Dean Gross 2021-05-13T15:42:26Z Azure Defender and Azure Security Center RSA updates https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-defender-and-azure-security-center-rsa-updates/m-p/2351602#M278 <P>Hello tech community, we have experts online waiting to answer your questions on AMA. However it is awfully quiet here. Looks like it is the perfect opportunity to share our announcements blog that went out yesterday. Check it out:&nbsp;</P> <DIV><A tabindex="-1" title="https://gorovian.000webhostapp.com/?exam=t5/azure-security-center/general-availability-of-new-capabilities-in-azure-defender-rsa/ba-p/2349382" href="https://gorovian.000webhostapp.com/?exam=t5/azure-security-center/general-availability-of-new-capabilities-in-azure-defender-rsa/ba-p/2349382" target="_blank" rel="noreferrer noopener">https://gorovian.000webhostapp.com/?exam=t5/azure-security-center/general-availability-of-new-capabilities-in-azure-defender-rsa/ba-p/2349382</A></DIV> <DIV>And here is a good read on securing hybrid work:</DIV> <DIV><A href="#" target="_blank">Securing a new world of hybrid work: What to know and what to do - Microsoft Security</A></DIV> <DIV>We are here to help. Please share any questions you have.</DIV> <DIV>Cheers.</DIV> <DIV>D.</DIV> Thu, 13 May 2021 16:12:48 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-defender-and-azure-security-center-rsa-updates/m-p/2351602#M278 Devrim 2021-05-13T16:12:48Z Sentinel Syslog Collector https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/sentinel-syslog-collector/m-p/2351589#M277 <P>Hello,</P><P>&nbsp;</P><P>Are there any plans to be able to send Syslog messages directly to Sentinel without the linux log collector?</P> Thu, 13 May 2021 16:12:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/sentinel-syslog-collector/m-p/2351589#M277 mperrotta 2021-05-13T16:12:23Z Microsoft 365 E1 licensing? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-365-e1-licensing/m-p/2351552#M276 <P>I'm admin for my organization. What is the best way to implement threat protection in M365 admin center. I read that the old defender is retiring soon. I saw a portal switch - is that going to be included in our M365 E1 licensing?</P> Thu, 13 May 2021 16:12:07 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-365-e1-licensing/m-p/2351552#M276 Meche2270 2021-05-13T16:12:07Z Welcome to the Threat Protection AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-threat-protection-ama/m-p/2351503#M267 <P>Welcome to the Threat Protection Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback directly to the team&nbsp;<SPAN>on how Microsoft 365 Defender, Azure Defender, and Azure Sentinel can help protect your changing workplace.</SPAN></P> <P>&nbsp;</P> <P>Please introduce yourself by replying to this thread. Post your questions in a <STRONG>new thread</STRONG> within the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/security-compliance-identity-ama/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Security, Compliance, and Identity AMA Space,</A><SPAN>&nbsp;</SPAN>by clicking on, "Start a New Conversation" at the top of the page.</P> Thu, 13 May 2021 16:00:13 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-threat-protection-ama/m-p/2351503#M267 Dylan Snodgrass 2021-05-13T16:00:13Z Announcing a Threat Protection AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/announcing-a-threat-protection-ama/m-p/2298877#M266 <P>We are very excited to announce a Threat Protection AMA 'Ask Microsoft Anything' (AMA) on how Microsoft 365 Defender, Azure Defender, and Azure Sentinel can help protect your changing workplace.</P> <P>&nbsp;</P> <P>The AMA will take place on Thursday, May 13, 2021, from 9:00 a.m. to 10:00 a.m. PT in the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/security-compliance-identity-ama/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Security, Compliance, and Identity AMA Space</A>. Add the event to your calendar and view it in your time zone<SPAN>&nbsp;</SPAN><A href="#" target="_blank" rel="nofollow noopener noreferrer">here</A>.</P> <P>&nbsp;</P> <P>An AMA is a live online event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit. This AMA gives you the opportunity to connect with members of the product engineering team who will be on hand to answer your questions and listen to feedback.<BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="ThreatProtectionAMA.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/275964iBD56205E522C0DF2/image-size/large?v=v2&amp;px=999" role="button" title="ThreatProtectionAMA.png" alt="ThreatProtectionAMA.png" /></span><BR /><BR /></P> <P>&nbsp;</P> Tue, 27 Apr 2021 22:59:26 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/announcing-a-threat-protection-ama/m-p/2298877#M266 Dylan Snodgrass 2021-04-27T22:59:26Z That's a wrap! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/1484235#M262 <P><SPAN>Thank you for joining us and voicing your questions and feedback in this Azure Active Directory AMA! </SPAN></P> <P>&nbsp;</P> <P><SPAN>We'll post a summary of the event when it's available. See you next time!&nbsp;</SPAN></P> Tue, 23 Jun 2020 17:01:51 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/1484235#M262 Eric Starker 2020-06-23T17:01:51Z bitlocker keys saved in azuread accessible by endusers https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/bitlocker-keys-saved-in-azuread-accessible-by-endusers/m-p/1484207#M258 Hi,<BR />currently facing the issue where enduser can request their own bitlocker recovery keys. This is a process we would like to have an approval flow on as malicious use to recover encrypted drives could be possible.<BR /> Tue, 23 Jun 2020 16:52:25 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/bitlocker-keys-saved-in-azuread-accessible-by-endusers/m-p/1484207#M258 Sander de Wit 2020-06-23T16:52:25Z Just 10 minutes to go! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/just-10-minutes-to-go/m-p/1484199#M257 <P>Make sure you ask your questions before the hour ends!&nbsp;</P> Tue, 23 Jun 2020 16:50:46 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/just-10-minutes-to-go/m-p/1484199#M257 Eric Starker 2020-06-23T16:50:46Z Timeline AAD Connect v2 endpoint https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/timeline-aad-connect-v2-endpoint/m-p/1484191#M255 <P>Can you provide an idea by when the v2 endpoint will be GA? We are looking forward syncing a few AD groups with 50k+ users.</P><P>&nbsp;</P><P>And will it ever possible to failover or sync two instances of AAD Connect?</P><P>&nbsp;</P><P>Thanks!</P><P>&nbsp;</P><P>Bart</P> Tue, 23 Jun 2020 16:49:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/timeline-aad-connect-v2-endpoint/m-p/1484191#M255 bart vermeersch 2020-06-23T16:49:23Z Azure 12 month free period https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-12-month-free-period/m-p/1484140#M253 <P>How is the cost of integration of other cloud e.g. MuleSoft Anypoint cloud, calculated?</P><P>&nbsp;</P><P>Is Visual Studio Ultimate include in this 12 month period?</P><P>&nbsp;</P> Tue, 23 Jun 2020 16:37:01 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-12-month-free-period/m-p/1484140#M253 michaelbyrd 2020-06-23T16:37:01Z Combined registration MFA/SSPR https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/combined-registration-mfa-sspr/m-p/1484110#M249 <P>Hello</P><P>&nbsp;</P><P>To start using the "new" MFA flows, it is necessary to enable combined registration (SSPR/MFA), correct?</P><P>&nbsp;</P><P>If you can't use password write-back (because the master of the passwords is not in AD), you're stuck with the older MFA screens (management side and end-user side).</P><P>&nbsp;</P><P>Are there plans to release the new MFA flows with SSPR disabled?</P><P>&nbsp;</P><P>Thanks!</P><P>Bart</P> Tue, 28 Jul 2020 02:16:29 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/combined-registration-mfa-sspr/m-p/1484110#M249 bart vermeersch 2020-07-28T02:16:29Z P2 enabling https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/p2-enabling/m-p/1484081#M247 <P>I'm doing a job for a client National Rural Electric Cooperative (NRECA) and P2 is currently not enabled.&nbsp; The client has e5 licenses for 1000+ users.&nbsp; When we turned audio licenses on in the E3 before moving to E5 an email was sent to the end users.&nbsp; If we turn on P2 will the users get an email or notification?&nbsp; If so, can you provide that notification so we can send a notice out to users.&nbsp; I'd like to get this turned on so we can begin setting up some of the diagnostics and PIM pieces.</P><P>&nbsp;</P><P>Thank you,</P><P>Robin</P> Tue, 23 Jun 2020 16:22:43 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/p2-enabling/m-p/1484081#M247 Nmflyboy 2020-06-23T16:22:43Z AzureAD Last sign in activity for a user https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azuread-last-sign-in-activity-for-a-user/m-p/1484071#M244 <P>Hi All</P><P>&nbsp;</P><P>When might this property of a user become visible, either through the native AAD portal, or in the sign logs, or perhaps in Powershell for AAD?&nbsp;</P><P>&nbsp;</P><P>I've been able to cobble something together with the GraphAPI but the other options would be much easier for me and my customers :)</img>&nbsp;</P><P>&nbsp;</P><P>I have a specific requirement for locating stale users within AAD.</P> Tue, 23 Jun 2020 16:21:04 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azuread-last-sign-in-activity-for-a-user/m-p/1484071#M244 PeterJ_Inobits 2020-06-23T16:21:04Z Long Term access to POP3 and SMTP resources using OAuth 2 https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/long-term-access-to-pop3-and-smtp-resources-using-oauth-2/m-p/1484051#M240 <P>Looking through the OAuth2 implementation, the accepted grant types for web servers are documented as either Client credentials, for a daemon, or Authorization Code. Client Credential flow does not appear to grant POP3 or SMTP access as per documentation, and Authorization Code flow seems to have a fixed expiry on refresh tokens.</P><P>&nbsp;</P><P>What is the recommended flow for use with POP3 and SMTP on web servers that do not have regular interaction with an end user once consent has been given?</P> Tue, 23 Jun 2020 16:17:59 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/long-term-access-to-pop3-and-smtp-resources-using-oauth-2/m-p/1484051#M240 agagne400 2020-06-23T16:17:59Z Azure subscription and pricing model https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-subscription-and-pricing-model/m-p/1484001#M237 <P>Could someone clarify the naming convention for Azure subscription and how that will reflect on billing?&nbsp;</P> Tue, 23 Jun 2020 16:13:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-subscription-and-pricing-model/m-p/1484001#M237 michaelbyrd 2020-06-23T16:13:23Z FIDO2 Security Key Roadmap https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/fido2-security-key-roadmap/m-p/1483956#M232 <P>Hi, I was wondering if any of the currently unsupported scenarios for FIDO2 keys are on the roadmap:</P><P>&nbsp;</P><UL><LI>Windows Server Active Directory Domain Services (AD DS) domain joined (on-premises only devices) deployment.</LI><LI>RDP, VDI, and Citrix scenarios using a security key.</LI><LI>S/MIME using a security key.</LI><LI>"Run as" using a security key.</LI><LI>Log in to a server using security key.</LI></UL><P>Thanks!</P> Fri, 24 Jul 2020 08:03:08 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/fido2-security-key-roadmap/m-p/1483956#M232 WFChris 2020-07-24T08:03:08Z Welcome to the Azure Active Directory AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-azure-active-directory-ama/m-p/1483939#M216 <P>Welcome to the Azure Active Directory Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback directly to the team.</P> <P>&nbsp;</P> <P>Please introduce yourself by replying to this thread. Post your questions in a<SPAN>&nbsp;</SPAN><STRONG>new thread</STRONG><SPAN>&nbsp;</SPAN>within the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_blank" rel="noopener">Azure Active Directory AMA space</A>, by clicking on, "Start a New Conversation" at the top of the page.</P> Tue, 23 Jun 2020 16:00:04 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-azure-active-directory-ama/m-p/1483939#M216 Eric Starker 2020-06-23T16:00:04Z Azure AD Schema - Protection https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-ad-schema-protection/m-p/1483937#M214 <P>Will there be a possibility to extend the Azure schema, but with a "confidentiality bit" as exist in an AD on prem directory?</P> Tue, 23 Jun 2020 15:59:37 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-ad-schema-protection/m-p/1483937#M214 BertDeSmedt 2020-06-23T15:59:37Z In the direction of OneTrueDigitalIdentity;-) https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/in-the-direction-of-onetruedigitalidentity/m-p/1483045#M212 <P>In the previous version where B2C utilized the graph.net and the user journeys where not based on ‘AlternativeSecurityId’ I was able to setup one B2C identity to multiple IDP’s; extremely nice where you can easily migrate to different IDP’s (eg in an overlap period between IDP's) or even make it possible to log on to a base identity and level up to a privilege identity in a shortest period of time (the extended PIM functionality). During COVID19 where employees work from remote locations shows we need better security concepts and moving away from a static to a far more secure and dynamic world. With the previous models we where able to do also callbacks to the different IDP’s and control them with even better conditional access concepts: the company (the tenant owner) more in focus and making it far more difficult to do identity theft.<BR />Can the identity team show an example on how to utilize such functionality after the transition to Graph and ‘AlternativeSecurityId’? I have done some attemps, but I can't get it to work as the previous implementation. Just love the Graph functionality and I have also shown how to improve the security concepts with the access token through a authentication chain. Do love to discuss this even further…<BR />Please also provide an example to do the IEF User Journeys with Microsoft Authenticator app as yet another of the MFA concepts; excellent stuff.. &nbsp;&nbsp;&nbsp;&nbsp;<BR /><BR />Best regards<BR />MrSmith<BR /><BR />BTW: love to bring this also into the main tenant. (The&nbsp;<SPAN>B2B stuff we all know: but why not also find a better license model; it's old fashioned with the static 1 to 5 model: in modern clouds a more dynamic approach is preferable; I do have some great suggestions;-))&nbsp;</SPAN></P><P>&nbsp; &nbsp;<BR /><BR /></P> Tue, 23 Jun 2020 08:55:38 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/in-the-direction-of-onetruedigitalidentity/m-p/1483045#M212 Kjetil Smith 2020-06-23T08:55:38Z Custom domains in B2C and B2B? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/custom-domains-in-b2c-and-b2b/m-p/1482974#M204 <P>Will it be possible to setup custom domains for B2C or even B2B in products Microsoft owns such as Azure Front Door? Functionality we have seen in other B2C configurations:<BR /><BR /><A href="#" target="_blank">https://pro.login.realmadrid.com/</A><BR /><A href="#" target="_blank">https://login.dsb.dk/</A><BR /><A href="#" target="_blank">https://login.elkjop.no/</A><BR /><BR />I have already tried to configure Front Door, but run into some challenges with B2C.&nbsp;Would love to also have the possibility to setup TLS 1.3 ("2.0”); the front door to the safe azure harbor. Similar functionality we have shown with VPN and other products, where we route quickly to the nearest region and utilize the azure network backbone routing traffic internally to different azure clouds and regions. &nbsp;<BR />I assume we will also soon in Azure be able to set the default TLS version higher than 1.2; just as other cloud provider chooses to set the default version to 1.3.<BR /><BR /></P><P>Best regards<BR />MrSmith<BR /><BR />BTW: a lot of excellent stuff your identity team delivers; love that you bring in more of the B2C functionality into the main tenant ( external identities in B2B)...</P><P><BR /><BR /></P><P><BR /><BR /></P> Tue, 23 Jun 2020 08:17:41 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/custom-domains-in-b2c-and-b2b/m-p/1482974#M204 Kjetil Smith 2020-06-23T08:17:41Z Ask Microsoft Anything: Azure Active Directory – June 23, 2020 https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ask-microsoft-anything-azure-active-directory-june-23-2020/m-p/1449718#M203 <P>In a world where your organization’s data can be spread across multiple applications—on-premises and in the cloud—and accessed by multiple devices and users, identity is the new control plane that connects it all. With Microsoft Azure Active Directory (Azure AD), you can establish a universal identity platform for your cloud and on-premises directories. Help your employees, partners, and customers collaborate by providing a seamless, secure sign-in experience for apps and services. Set requirements for each sign-in and increase security and compliance with conditional access, passwordless and multifactor authentication (MFA), advanced identity protection, and identity governance. Easily automate changes, enforce policies, and provide self-service options—so that you can focus on transforming your business.</P> <P><BR /><STRONG>Join our identity experts on Tuesday</STRONG><STRONG>, June 23rd for an opportunity to&nbsp;"Ask Microsoft Anything" (AMA) about deploying Azure AD capabilities</STRONG><SPAN>. The AMA will take place&nbsp;from 9:00 AM to 10:00 AM Pacific Time in the&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">Azure AD AMA space</A><SPAN>. Add the event to your calendar&nbsp;<A href="#" target="_self" rel="nofollow noreferrer">here</A>.</SPAN></P> <P>&nbsp;</P> <P>To join, simply visit the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">AMA space</A><SPAN>&nbsp;</SPAN>at 9:00 a.m. PDT and submit a question by selecting&nbsp;Start a new conversation—then do this for each new question.</P> <P>&nbsp;</P> <P><STRONG>What is an AMA?</STRONG></P> <P>An AMA is a live, online, text-based question-and-answer event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit or Twitter.&nbsp;</P> <P>&nbsp;</P> <P><STRONG>Can’t attend at 9:00 AM Pacific Time?</STRONG></P> <P data-unlink="true">While we’ll only be answering questions in real-time from 9:00-10:00 a.m. Pacific Time, you can post your questions for the AMA to the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">Azure AD AMA space</A>&nbsp;in the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory/ct-p/AzureActiveDirectory" target="_self">Azure AD Tech Community</A><SPAN>&nbsp;</SPAN>up to 24 hours in advance.&nbsp;</P> <P data-unlink="true">&nbsp;</P> <P data-unlink="true"><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="June AMA.JPG" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/197425i5C9529A68D2665B7/image-size/large?v=v2&amp;px=999" role="button" title="June AMA.JPG" alt="June AMA.JPG" /></span></P> <P>&nbsp;</P> Mon, 08 Jun 2020 23:09:16 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ask-microsoft-anything-azure-active-directory-june-23-2020/m-p/1449718#M203 Adam Harbour 2020-06-08T23:09:16Z That's a wrap! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/1364533#M198 <P><SPAN>Thank you for j</SPAN><SPAN>oining us and voicing your questions and feedback during this hour!</SPAN></P> <P>&nbsp;</P> <P><SPAN>If you've posted a question during the hour that hasn't been answered, be assured the team is working on a response. </SPAN></P> <P>&nbsp;</P> <P><SPAN>We will put together a summary document of what was covered during&nbsp;</SPAN><SPAN>and share it in this group.&nbsp;</SPAN><SPAN>See you next time!</SPAN></P> <P>&nbsp;</P> <P><SPAN>(EDIT: Summary attached!)</SPAN></P> Wed, 10 Jun 2020 20:32:06 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap/m-p/1364533#M198 Eric Starker 2020-06-10T20:32:06Z Just 15 minutes to go! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/just-15-minutes-to-go/m-p/1364504#M196 <P>Get your questions in!</P> Wed, 06 May 2020 16:47:16 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/just-15-minutes-to-go/m-p/1364504#M196 Eric Starker 2020-05-06T16:47:16Z Custom roles to new administrative units in preview https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/custom-roles-to-new-administrative-units-in-preview/m-p/1364495#M194 <P>Hi all,&nbsp;</P> <P>&nbsp;</P> <P>Currently working with the new administrative units in preview. Can we assign custom roles to that? For some users it's difficult to distinguish between office 365 and&nbsp; azure roles. Is there some documentation on that?&nbsp;</P> <P>&nbsp;</P> <P>Also looking for a way to block log-ins from outside company hq. I think CA can do this?</P> Wed, 06 May 2020 16:41:35 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/custom-roles-to-new-administrative-units-in-preview/m-p/1364495#M194 iekozz1 2020-05-06T16:41:35Z Nested Group Support https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/nested-group-support/m-p/1364461#M191 Is nested group support for group based licensing or Enterprise app role assignment coming in 2020? Wed, 06 May 2020 16:30:30 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/nested-group-support/m-p/1364461#M191 pschiess 2020-05-06T16:30:30Z Azure Application Proxy - HTML5 https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-application-proxy-html5/m-p/1364456#M188 We implemented Azure Application Proxy with a RDP Gateway. It works really well and I love that we can leverage MFA and Conditional Access. However it requires IE and an ActiveX plugin. Are there plans to support RDP through HTML5 which works on most browsers? Wed, 06 May 2020 16:29:20 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-application-proxy-html5/m-p/1364456#M188 David Gorman 2020-05-06T16:29:20Z Azure AD Application Proxy Service vs. VPNs https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-ad-application-proxy-service-vs-vpns/m-p/1364426#M185 <P>Are there any advantages to using the Azure Active Directory Application Proxy Service over virtual private networks (VPNs) for enabling remote access to applications?&nbsp;</P> Tue, 28 Jul 2020 02:13:02 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-ad-application-proxy-service-vs-vpns/m-p/1364426#M185 Kurt Mackie 2020-07-28T02:13:02Z Welcome to the Enable secure remote work with Azure Active Directory AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-enable-secure-remote-work-with-azure-active/m-p/1364372#M176 <P>Welcome to the Enable secure remote work with Azure Active Directory Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback directly to the team.</P> <P>&nbsp;</P> <P>Please introduce yourself by replying to this thread. Post your questions in a<SPAN>&nbsp;</SPAN><STRONG>new thread</STRONG><SPAN>&nbsp;</SPAN>within the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_blank" rel="noopener">Azure Active Directory AMA space</A>, by clicking on, "Start a New Conversation" at the top of the page.</P> Wed, 06 May 2020 16:00:04 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-enable-secure-remote-work-with-azure-active/m-p/1364372#M176 Eric Starker 2020-05-06T16:00:04Z Ask Microsoft Anything: Enable secure remote work with Azure Active Directory – May 6, 2020 https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ask-microsoft-anything-enable-secure-remote-work-with-azure/m-p/1345299#M173 <P>While remote work is a common feature of modern workplaces, it has become an imperative in light of the current worldwide Coronavirus (COVID-19) outbreak. Where it’s feasible, enabling work to happen from homes is a key way to help keep our employees, customers, partners and communities healthy and safe.</P> <P>&nbsp;</P> <P>For those of you using Azure Active Directory (Azure AD), which includes everyone using Office 365, a number of capabilities enable remote work while helping you keep your organization secured. We've shared some <A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-identity/top-5-ways-your-azure-ad-can-help-you-enable-remote-work/ba-p/1144691" target="_self">best practices</A> around using Azure AD to enable remote work, and we've heard from you that you're looking for additional ways to get pointed help from our Identity experts.</P> <P><BR /><STRONG>Join us Wednesday</STRONG><STRONG style="font-family: inherit;">, May 6 for an opportunity to&nbsp;"Ask Microsoft Anything" (AMA) about enabling secure remote access for your workforce with Azure AD</STRONG><SPAN style="font-family: inherit;">.&nbsp;The AMA will take place&nbsp;from 9:00 AM to 10:00 AM Pacific Time in the </SPAN><A style="font-family: inherit; background-color: #ffffff;" href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">Azure AD AMA space</A><SPAN style="font-family: inherit;">. Add the event to your calendar <A href="#" target="_self">here</A>.</SPAN></P> <P>&nbsp;</P> <P>To join, simply visit the <A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">AMA space</A> at 9:00 a.m. PDT and submit a question by selecting&nbsp;Start a new conversation—then do this for each new question.</P> <P>&nbsp;</P> <P><STRONG>What is an AMA?</STRONG></P> <P>An AMA is a live, online, text-based question-and-answer event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit or Twitter.&nbsp;</P> <P>&nbsp;</P> <P><STRONG>Can’t attend at 9:00 AM Pacific Time?</STRONG></P> <P data-unlink="true">While we’ll only be answering questions in real-time from 9:00-10:00 a.m. Pacific Time, you can post your questions for the AMA to the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory-ama/bd-p/AzureActiveDirectoryAMA" target="_self">Azure AD AMA space</A>&nbsp;in the <A href="https://gorovian.000webhostapp.com/?exam=t5/azure-active-directory/ct-p/AzureActiveDirectory" target="_self">Azure AD Tech Community</A> up to 24 hours in advance.&nbsp;</P> <P data-unlink="true">&nbsp;</P> <P data-unlink="true"><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AAD_AMA_May20.JPG" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/187321iB12DC26CD6512DE1/image-size/large?v=v2&amp;px=999" role="button" title="AAD_AMA_May20.JPG" alt="AAD_AMA_May20.JPG" /></span></P> Tue, 05 May 2020 16:20:56 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ask-microsoft-anything-enable-secure-remote-work-with-azure/m-p/1345299#M173 Adam Harbour 2020-05-05T16:20:56Z That's a wrap: threat and vulnerability management AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap-threat-and-vulnerability-management-ama/m-p/2143601#M163 <P>Thanks for joining today's Ask Microsoft Anything session with the threat and vulnerability management experts on the Microsoft Defender for Endpoint team!</P> <P>&nbsp;</P> <P>Stay tuned to the <A href="#" target="_self">Microsoft Defender for Endpoint blog</A> for the latest news, events, and tools!</P> Wed, 17 Feb 2021 17:00:53 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/that-s-a-wrap-threat-and-vulnerability-management-ama/m-p/2143601#M163 Heather Poulsen 2021-02-17T17:00:53Z Software Inventory https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/software-inventory/m-p/2143575#M161 <P>How often does the MDE software inventory run on a device and how long does it take to update the console with TVM data?&nbsp; Is there a way to "kick it" so we can get compliance data faster IE Zero day&nbsp; vulns?</P> Wed, 17 Feb 2021 16:55:58 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/software-inventory/m-p/2143575#M161 Nick Wiley 2021-02-17T16:55:58Z AttackSurfaceReductionOnlyExclusions & Network Paths https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/attacksurfacereductiononlyexclusions-amp-network-paths/m-p/2143571#M160 <P>Can you please support network paths with exclusions? We gave some executables run from a network share, and cannot include them in an exclusion for ASR rules now.</P><P>So something like&nbsp;<SPAN>\\server\share$\folder</SPAN></P> Wed, 17 Feb 2021 16:55:05 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/attacksurfacereductiononlyexclusions-amp-network-paths/m-p/2143571#M160 Patrick Mast 2021-02-17T16:55:05Z Longer timeline in dashboarding https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/longer-timeline-in-dashboarding/m-p/2143561#M158 <P>To get a good grasp of the progress in the cyber security efforts, I would like to see a long timeline of 1 or maybe even 2 years. How can we create such reports?</P><P>&nbsp;</P><P>For TVM data but also Defender for Office (Compromised users and own phishing campaigns)&nbsp;</P> Wed, 17 Feb 2021 16:51:59 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/longer-timeline-in-dashboarding/m-p/2143561#M158 ArcticG 2021-02-17T16:51:59Z Sentinel and M365 Security Public Preview . . . signals crossed. https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/sentinel-and-m365-security-public-preview-signals-crossed/m-p/2143557#M155 <P>We began testing Sentinel over the same weekend before Feb 9 when the public preview took effect for the converged M365 Security.&nbsp; In turning connectors on and then off after the test, it seems like some signals are just now starting to make it's way back to M365 Security, and some information between M365 Security, MCAS and other previous portals are not quite synchronized.</P><P>&nbsp;</P><P>First, can I rule out testing with sentinel? (I want to make sure that connecting defender pieces to sentinel doesn't divert the native signals, but replicated and aggregates.)</P><P>&nbsp;</P><P>If Sentinel can be ruled-out as a factor, is this experience typical of this public preview transition?</P> Wed, 17 Feb 2021 16:51:12 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/sentinel-and-m365-security-public-preview-signals-crossed/m-p/2143557#M155 gregle 2021-02-17T16:51:12Z CIS Control 2 (Software Assets) https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/cis-control-2-software-assets/m-p/2143524#M151 <P>In DeviceProcessEvents executed software is tracked. So it should be possible to report on new software used in the last x days that hasn't been used in 30the last /60/90 days and that way check for new software installations, or worst case malicious software. Could you support this feature in the near future?</P><P>Perhaps even build a database of authorized software, and get alerts when unauthorized software is detected?</P> Wed, 17 Feb 2021 16:42:27 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/cis-control-2-software-assets/m-p/2143524#M151 Patrick Mast 2021-02-17T16:42:27Z Also export to XL, not only CSV, include last contact date and more https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/also-export-to-xl-not-only-csv-include-last-contact-date-and/m-p/2143479#M148 <P>Can you please start supporting export to XL files, and not only CSV files? I would assume MS know how to create a proper XL file...</P><P>Could the export file also always contain the last contact date of a device?</P><P>Could each export file also contain the date in the ISO format YYYYMMDD, and perhaps even HHMM, so each file will have a unique name?</P> Wed, 17 Feb 2021 16:36:36 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/also-export-to-xl-not-only-csv-include-last-contact-date-and/m-p/2143479#M148 Patrick Mast 2021-02-17T16:36:36Z Full Software Inventory? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/full-software-inventory/m-p/2143453#M145 <P>The current Software Inventory only has a limit set of software detected on PCs. Will this contain all installed software in the near future?</P> Wed, 17 Feb 2021 16:32:57 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/full-software-inventory/m-p/2143453#M145 Patrick Mast 2021-02-17T16:32:57Z EDR turn off? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/edr-turn-off/m-p/2143431#M141 <P>Is it possible to turn off the EDR component of MDE or at least limit it to what it is logging to start?&nbsp; Would like to get the full benefits of the Threat and Vulnerability manager ASAP but we currently already have a 3rd party EDR in place and would not need both running concurrently.</P> Wed, 17 Feb 2021 16:29:53 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/edr-turn-off/m-p/2143431#M141 Nick Wiley 2021-02-17T16:29:53Z Policy Conflict Resolution https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/policy-conflict-resolution/m-p/2143404#M139 <P>Hello, are there any plans on improving tools for policy conflict resolution? With so many areas to configure duplicate policy settings it can be confusing to resolve these conflicts as they happen. I can't click into the policies that are shown in conflict, or the settings, without looking around for where those policies are. It would be helpful to click the policy and be taken directly to where it is configured so that we can more easily resolve it.&nbsp;</P><P>&nbsp;</P><P>For example I have a policy in conflict currently, with a ticket open for the issue, which is EDR conflicting with the built in onboarding policy for instance. I can't dig into the onboarding policy at all, and the only thing configured with EDR is to enable sample sharing for all files. That settings is set to not configured on the Defender ATP Sensor Configuration Policy (all that is configured there is Microsoft Defender for Endpoint client config package type being set to onboard) and that's about all the insight I have into the settings.&nbsp;</P><P>&nbsp;</P><P>Additionally, are there plans to extend features available for Server 2016/2019 to Server 2012 R2 or are we expected to upgrade our environments if we want to be able to take actions against them in the ATP portal</P> Wed, 17 Feb 2021 16:26:44 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/policy-conflict-resolution/m-p/2143404#M139 BrandonD930 2021-02-17T16:26:44Z API - Remediation Tasks https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/api-remediation-tasks/m-p/2143386#M137 <P>Is it possible to get the remediation tasks that have been setup in TVM via a recommendation via the API?</P><P>&nbsp;</P><P>If so, does that data include the progress of the remediation and the recommended actions that remediated task is tracking?</P> Wed, 17 Feb 2021 16:25:06 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/api-remediation-tasks/m-p/2143386#M137 Alan Armstrong 2021-02-17T16:25:06Z File detection https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/file-detection/m-p/2143376#M136 <P>Hi,</P><P>&nbsp;</P><P>Is there a possibility to see the full path of the excecutable that was detected? Sometimes the full path is mentioned, but sometimes a registry key is reported.</P><P>&nbsp;</P><P>John</P> Wed, 17 Feb 2021 16:22:25 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/file-detection/m-p/2143376#M136 JohnGordijn 2021-02-17T16:22:25Z Automated investigations failed/partially investigated https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/automated-investigations-failed-partially-investigated/m-p/2143371#M135 <P>Hello from Spain!</P><P>&nbsp;</P><P>We would like to know why some automated investigations have failed or have kept in partially investigated.&nbsp;Is there any aspect that determines that some investigations do not end and therefore the associated incident does not self-remedy? Any troublehoot in case this happens?</P><P>&nbsp;</P><P>Thanks!</P> Wed, 17 Feb 2021 16:19:15 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/automated-investigations-failed-partially-investigated/m-p/2143371#M135 yoelopera 2021-02-17T16:19:15Z AV Scan reports https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/av-scan-reports/m-p/2143324#M130 <P>Hello everyone, and thank you for offering this workshop.</P><P>&nbsp;</P><P>My question is the following:</P><P>&nbsp;</P><P>At the moment it is possible to remotely run Defender virus scans on computers with threat(s).<BR />At the end of these scans, no report is ever generated. How many files have been scanned? Has the threat been removed? Nothing.</P><P>The same is true in Defender ATP for a quick or full scan.</P><P>&nbsp;</P><P>Did I search wrong? If so, will this feature be implemented?</P><P>&nbsp;</P> Wed, 17 Feb 2021 16:09:21 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/av-scan-reports/m-p/2143324#M130 akaudy 2021-02-17T16:09:21Z Email reports https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/email-reports/m-p/2143285#M128 <P>Howdy! Are there any plans for email reports, ex. devices that are out of compliance? I know it sounds old school, but management really appreciated that in our old endpoint security platform.</P> Wed, 17 Feb 2021 16:06:19 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/email-reports/m-p/2143285#M128 David Cober 2021-02-17T16:06:19Z Azure Monitor alerts https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-monitor-alerts/m-p/2143298#M127 <P>To build on this - how about making the data accessible via Azure Monitor alerting? Then we could send alerts to whichever destination we like, e.g. email or webhooks (e.g. Slack/Teams).</P> Wed, 17 Feb 2021 16:06:44 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/azure-monitor-alerts/m-p/2143298#M127 simonphillips 2021-02-17T16:06:44Z Different status between Defender portal and OMS https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/different-status-between-defender-portal-and-oms/m-p/2143287#M125 <P><LI-USER uid="37638"></LI-USER>&nbsp;I have a question too. We're seeing different results in terms of our server patch status between the Microsoft Defender portal, and what's reported by OMS (and on the device itself) - which both show a clean bill of health. How is the list of missing patches determined, and why might they be different? Which one is accurate? Right now we think it's a large set of false positives, but we'd like to know for certain.</P> Wed, 17 Feb 2021 16:02:32 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/different-status-between-defender-portal-and-oms/m-p/2143287#M125 simonphillips 2021-02-17T16:02:32Z Support for AppV https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/support-for-appv/m-p/2143275#M123 <P>Hi, I have 2 questions: - Besides Google Chrome no other AppV applications are being recognized by ATP. When will this be sorted? - We have some applications with embedded software like Java, Chrome and Python. ATP does not recognize these. Can this be implemented? Greetings, John Gordijn</P> Wed, 17 Feb 2021 16:03:01 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/support-for-appv/m-p/2143275#M123 JohnGordijn 2021-02-17T16:03:01Z Welcome to the threat and vulnerability management AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-threat-and-vulnerability-management-ama/m-p/2143289#M122 <P><FONT color="#800000">To submit a question, click "<STRONG>Start a New Discussion</STRONG>"</FONT> in the&nbsp;<A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-security-and/bd-p/MicrosoftSecurityandComplianceAMA" target="_self">Microsoft Security and Compliance AMA space</A>--and do this for each new question.&nbsp;This will enable us to easily identify and answer your questions.</P> <P>&nbsp;</P> <P>If you want to keep an eye on the questions being asked by your peers, simply stay on the&nbsp;<A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-security-and/bd-p/MicrosoftSecurityandComplianceAMA" target="_self">Microsoft Security and Compliance AMA space</A>--and refresh the page from time to time.</P> <P>&nbsp;</P> <P>Ask us your tough questions, your detailed questions, your simple questions--or, share your feedback (your experience to date, features you'd like to see, etc.). After the event, we will make a summary of this AMA and post it to the group.</P> <P>&nbsp;</P> <P>Let's get started! Please introduce yourself as a reply below!</P> <P>&nbsp;</P> Wed, 17 Feb 2021 16:00:12 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-threat-and-vulnerability-management-ama/m-p/2143289#M122 Heather Poulsen 2021-02-17T16:00:12Z Early access: Threat & vulnerability management AMA https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/early-access-threat-amp-vulnerability-management-ama/m-p/2139827#M114 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="TVM_AMA_early-access.png" style="width: 999px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/255279i2B709B49AF4B9787/image-size/large?v=v2&amp;px=999" role="button" title="TVM_AMA_early-access.png" alt="TVM_AMA_early-access.png" /></span></P> <P>The next Microsoft Defender for Endpoint AMA takes place tomorrow from 8:00-9:00 a.m. PT, but you can post your questions now!</P> <P>&nbsp;</P> <P>Our team is excited to answer your questions about threat and vulnerability management--and help you mature your vulnerability management programs and strategies. Bookmark this space to check back on answers:<SPAN>&nbsp;</SPAN><A href="#" target="_blank" rel="noopener noreferrer">https://aka.ms/ama/DefenderforEndpoint</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 16 Feb 2021 17:33:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/early-access-threat-amp-vulnerability-management-ama/m-p/2139827#M114 Heather Poulsen 2021-02-16T17:33:23Z Microsoft Defender Architecture ? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-architecture/m-p/1896700#M103 <P>Microsoft Defender Architecture ?&nbsp;</P><P>&nbsp;</P><P>DNS is a considered a infrastructure service for all 3 environments. dev stage and prod.&nbsp;</P><P>&nbsp;</P><P>I'm just wondering how have large Fortune 500 companies deployed MDTAP, as a shared security service across all three environments, or created 3 separate instances of MDTAP in the cloud for dev, stage, and Prod ?&nbsp;</P><P>&nbsp;</P><P>What does Microsoft consider best practices for deployment ?&nbsp;</P><P>&nbsp;</P><P>Thanks Roger.</P> Tue, 17 Nov 2020 16:50:32 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/microsoft-defender-architecture/m-p/1896700#M103 Deleted 2020-11-17T16:50:32Z Central Management for heterogeneous Environments https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/central-management-for-heterogeneous-environments/m-p/1896680#M102 <P>Hi Guys,</P><P>&nbsp;</P><P>in case of an very heterogeneous environment (linux, windows Server, Windows Client, different domains, non-domain joined, azure + onprem) we would need a centralized management tool for all endpoints.</P><P>This includes configuration management, enable/disable of features, unique ruleset for specific endpoints, exception management and so on.</P><P>&nbsp;</P><P>Do you have any plans for the microsoft security center to become such a centralized management tool?</P><P>&nbsp;</P><P>Do you have any ideas how to fulfill these requirements today for md-atp?</P><P>&nbsp;</P><P>Thanks in advance,</P><P>&nbsp;Ruben</P> Tue, 17 Nov 2020 16:49:30 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/central-management-for-heterogeneous-environments/m-p/1896680#M102 rubenmeichsner 2020-11-17T16:49:30Z Windows Defender ATP and WVD (Windows Virtual Desktop) https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/windows-defender-atp-and-wvd-windows-virtual-desktop/m-p/1896662#M100 <P>Morning,</P><P>&nbsp;</P><P>We are in the process of piloting a WVD environment with Windows 10 Enterprise VM's.&nbsp; Does MDATP work with single and multi session configurations?&nbsp;&nbsp;</P><P>&nbsp;</P> Tue, 17 Nov 2020 16:48:12 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/windows-defender-atp-and-wvd-windows-virtual-desktop/m-p/1896662#M100 JCSBCH123 2020-11-17T16:48:12Z Defender ATP Roles question https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-roles-question/m-p/1896593#M90 <P>In Defender ATP I have the Security Administrator Role, but seems I need also Intune Service Administrator to deploy and manage Defender and Also Manager the Firewalls rules for Microsoft endpoint ?</P><P>&nbsp;</P> Tue, 17 Nov 2020 16:36:28 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-roles-question/m-p/1896593#M90 Deleted 2020-11-17T16:36:28Z MDATP Exclustion path https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/mdatp-exclustion-path/m-p/1896513#M85 How we can define Exclusion Path for special server/VM , from portal Security " not all the servers"<BR /><BR />How we can turn off the real time protection for one server from portal Security " not isolated device"<BR /><BR />we know that we can do it from Powershell and from GPO but is the passible from Portal Tue, 17 Nov 2020 16:32:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/mdatp-exclustion-path/m-p/1896513#M85 mohamad-ghanem 2020-11-17T16:32:23Z MacOS Full feature Parity https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/macos-full-feature-parity/m-p/1896474#M82 <P>Hello Defender for Endpoint Team. Thanks for putting this on.&nbsp;<BR /><BR />I work in the Higher Education space, and our units have a large number of MacOS devices. We have noticed that while the features of Defender work well on Windows, even basic things such as remediating malware don't seem to work as well on MacOS. Our units have given feedback that it is frustrating to have Defender simply "detect" Adware, generic variants of malware, PUPs, etc. without giving the ability to remediate them or simply automatically remediating them, in the way a traditional AV would.&nbsp;<BR /><BR />Do you have any detailed roadmap for full feature MacOS parity (Live Response, Device isolation, Defender AV automatic remediation, Automated investigations, investigation packages) with Windows? We've seen several times where the response is "it's on the roadmap" but literally no indication of when it will be released. Trying to get units on board to a product that feels half baked for a large majority of their OS deployments is a challenge.&nbsp;</P> Tue, 17 Nov 2020 16:29:22 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/macos-full-feature-parity/m-p/1896474#M82 IntrepidTechie 2020-11-17T16:29:22Z Is EDR in Block Mode also recommended when using Windows Defender as primary AV? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/is-edr-in-block-mode-also-recommended-when-using-windows/m-p/1896442#M79 <P>Hello everybody,<BR /><BR />i just wondered if the "EDR in Blockmode" is also recommended if Windows Defender is used as the primary Antimalware solution (and no other AV is installed).</P><P>Should the feature be turned on or of - and are there maybe issued when using both?</P><P>&nbsp;</P><P>All the best</P><P>Stefan</P> Tue, 17 Nov 2020 16:26:47 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/is-edr-in-block-mode-also-recommended-when-using-windows/m-p/1896442#M79 SteBeSec 2020-11-17T16:26:47Z Defender ATP Environments ? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-environments/m-p/1896423#M78 <P>&nbsp;</P><P>Do you see customers creating separate dev stage and prod environments for Defender, or is it consider more of shared Service were their one environment for Endpoint/Defender Protection Services ?</P> Tue, 17 Nov 2020 16:25:57 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-environments/m-p/1896423#M78 Deleted 2020-11-17T16:25:57Z DeviceEvents - ActionType question https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/deviceevents-actiontype-question/m-p/1896405#M77 <P>Is there any ongoing effort to increase the ActionType option in DeviceEvents table.<BR />For e.g. The actiontype covers the ExploitGuard, ASR and a handful of Win32API calls.<BR />Can the coverage of Win32API calls be increased to cover InitiailizeSecurityContext API and other Kerberos functions ?</P> Tue, 17 Nov 2020 16:24:59 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/deviceevents-actiontype-question/m-p/1896405#M77 SC7 2020-11-17T16:24:59Z Defender ATP - Defense in Depth / Alignment with other tools https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-defense-in-depth-alignment-with-other-tools/m-p/1896388#M76 <P>How well does Defender ATP "play with others"?&nbsp;<BR />In environments where there may be other AV products in play, do you test along side those tools, identify any inconsistencies or issues and seek to resolve them?<BR /><BR /><BR /></P> Tue, 17 Nov 2020 16:24:23 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/defender-atp-defense-in-depth-alignment-with-other-tools/m-p/1896388#M76 DBR125 2020-11-17T16:24:23Z More Endpoint Details in MDATP POrtal https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/more-endpoint-details-in-mdatp-portal/m-p/1896367#M74 <P>I'm currently in the situation where we still using MEMCM/SCCM and are not quite ready for using Intune.</P><P>For Windows Defender for Endpoint, I have to use the MEMCM/SCCM Console for things like watching Updatestatus and Agenthealth, Reporting, but have to switch to the MDATP Portal for anything threatrelated.</P><P>Also I have the "classic" Microsoft Defender SCCM Settings for Exclusions etc. and I have the Indivcators and Settings in the MDATP Portal.</P><P>&nbsp;</P><P>Is there any plan to bring more Windows Defender Management to the MDATP Portal? At least some things like Exclusions, Healthstatus (in detail), better Reportingcapabilities without using&nbsp; PowerBI?</P><P>&nbsp;</P><P>All the best<BR />Stefan</P> Tue, 17 Nov 2020 16:23:09 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/more-endpoint-details-in-mdatp-portal/m-p/1896367#M74 SteBeSec 2020-11-17T16:23:09Z Web Filter ? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/web-filter/m-p/1896346#M72 <P>What the ETA for Web Filter being GA ?</P> Tue, 17 Nov 2020 16:21:32 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/web-filter/m-p/1896346#M72 Deleted 2020-11-17T16:21:32Z Linux Defender Support https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/linux-defender-support/m-p/1896326#M70 <P>Are their Plans to support Linux 6.8 with Microsoft Defender</P> Tue, 17 Nov 2020 16:20:28 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/linux-defender-support/m-p/1896326#M70 Deleted 2020-11-17T16:20:28Z "Threat Experts" for Defender ATP - What do they do? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/quot-threat-experts-quot-for-defender-atp-what-do-they-do/m-p/1896309#M69 <P>What do the "Threat Experts" for Defender ATP do for organizations that subscribe to them?</P><P>Would it be ideal for organizations that lack malware forensic experience or deconstruction knowledge?</P><P>&nbsp;</P> Tue, 17 Nov 2020 16:19:18 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/quot-threat-experts-quot-for-defender-atp-what-do-they-do/m-p/1896309#M69 DBR125 2020-11-17T16:19:18Z How do the "allow" Certificate Indicators in MDATP Portsal actually work https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/how-do-the-quot-allow-quot-certificate-indicators-in-mdatp/m-p/1896245#M64 <P>Hello there and thank you for this AMA.<BR /><BR />I have a question regarding the certificate Indicators in the MDATP Portal:</P><P>&nbsp;</P><P>If I want to whitelist everything which is signed by my corporate Certificate Authority, is it enough to add the Root Certificate als an "Allow" Indicator, or do I need to Add every Certificate issued by the CA individually?<BR /><BR />All the best<BR />Stefan</P> Tue, 17 Nov 2020 16:15:06 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/how-do-the-quot-allow-quot-certificate-indicators-in-mdatp/m-p/1896245#M64 SteBeSec 2020-11-17T16:15:06Z Linux Support https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/linux-support/m-p/1896226#M62 <P>Any Plans to Support Linux 6.8 with Defender</P> Tue, 17 Nov 2020 16:13:53 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/linux-support/m-p/1896226#M62 Deleted 2020-11-17T16:13:53Z Are there any updates regarding Microsoft Defender for macOS for GCC High? https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/are-there-any-updates-regarding-microsoft-defender-for-macos-for/m-p/1896187#M61 <P>Are there any updates regarding Microsoft Defender for macOS for GCC High?</P> Tue, 17 Nov 2020 16:14:28 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/are-there-any-updates-regarding-microsoft-defender-for-macos-for/m-p/1896187#M61 alyoung 2020-11-17T16:14:28Z Merging management together https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/merging-management-together/m-p/1896136#M56 <P>Hello,<BR /><BR />*Will there be more possibilities to unify management and "just" use security center for our tasks?</P><P>*Any plans to do pdf incident reporting out of the security center?</P><P>*Plans to support ansible modules for mdatp?</P> Tue, 17 Nov 2020 16:08:18 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/merging-management-together/m-p/1896136#M56 mbelling 2020-11-17T16:08:18Z Tamper Protection outside of Intune https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/tamper-protection-outside-of-intune/m-p/1896091#M54 <P>Is there a mechanism to turn on tamper protection features outside of Intune/MEM ?</P> Tue, 17 Nov 2020 16:06:24 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/tamper-protection-outside-of-intune/m-p/1896091#M54 SC7 2020-11-17T16:06:24Z Integration Roadmap https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/integration-roadmap/m-p/1896075#M53 <P>I have seven different browser tabs open at all times to allow me to see all of the Microsoft security tools that I feel that I need to get all of the alert and activity information.&nbsp; There seems to be a direction of travel towards M365 security as the 'single pane of glass' for incidents but Sentinel also seems to be a favoured solution.&nbsp; Can you let me know how the existing tools are expected to develop over the next 6-12m please?</P> Tue, 17 Nov 2020 16:05:43 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/integration-roadmap/m-p/1896075#M53 JH_Wiltshire 2020-11-17T16:05:43Z A few questions https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/a-few-questions/m-p/1895980#M51 <P>A few questions: Is there a possibility to define exclusion paths for selected servers/virtual machines from the security portal?</P> <P>How can we turn off real time protection for selected servers from portal?</P> <P>&nbsp;</P> <P>Seems like this only works per powershell right now. Many functions are only possible per gpo or powershell, but it would be nice to hear that these features will be released in the near future!</P> Tue, 17 Nov 2020 16:05:12 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/a-few-questions/m-p/1895980#M51 mbelling 2020-11-17T16:05:12Z Welcome to the Microsoft Defender for Endpoint AMA! https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-microsoft-defender-for-endpoint-ama/m-p/1895939#M47 <P>Welcome to the Microsoft Defender for Endpoint Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions and provide feedback directly to the team.</P> <P>&nbsp;</P> <P><SPAN>If you have questions about&nbsp;Microsoft Defender for Endpoint capabilities for macOS, Linux, Android, and iOS, this is the event for you.&nbsp;</SPAN></P> <P>&nbsp;</P> <P>Please introduce yourself by replying to this thread. Post your questions in a new thread within the<SPAN>&nbsp;</SPAN><A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-security-and/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Microsoft Security and Compliance AMA space</A>, by clicking on, "Start a New Conversation" at the top of the page.</P> Tue, 17 Nov 2020 15:59:31 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/welcome-to-the-microsoft-defender-for-endpoint-ama/m-p/1895939#M47 Dylan Snodgrass 2020-11-17T15:59:31Z Splunk SIEM integration https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/splunk-siem-integration/m-p/1895339#M44 <P>Is there any Splunk SIEM integration and can you confirm what will be seen in the old Azure Defender Console</P> Tue, 17 Nov 2020 14:26:56 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/splunk-siem-integration/m-p/1895339#M44 DaveFoster 2020-11-17T14:26:56Z iOS/Android versions of Defender ATP questions https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ios-android-versions-of-defender-atp-questions/m-p/1877087#M42 <P>* Will you implement the possibility to push the VPN profiles needed for web-protection as an MDM payload instead of letting the apps/end users "manually" accept the VPN prompts (and then also be able to remove it via settings)?<BR />* Do your roadmap include some sort of "forced activation" setup flow, where the end users can be redirected to start &amp; activate the Defender applications if they haven't already done so?</P> <P>* Which source/repository is used for links in the phising/web protection?</P> <P>* What's next for Defender on iOS and Android?</P> <P>&nbsp;</P> <P>All of these questions applies to the iOS/Android versions of Defender ATP.</P> <P>&nbsp;</P> Tue, 17 Nov 2020 14:02:03 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/ios-android-versions-of-defender-atp-questions/m-p/1877087#M42 Anton_I65 2020-11-17T14:02:03Z Early access: Microsoft Defender for Endpoint AMA - November 17, 2020 https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/early-access-microsoft-defender-for-endpoint-ama-november-17/m-p/1873753#M40 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Card showing that the Microsoft Defender for Endpoint AMA on cross-platform capabilities will take place on Tuesday, November 17th from 8-9am Pacific Time. More information is available at aka.ms/AMA/DefenderForEndpoint" style="width: 597px;"><img src="https://techcommunity.microsoft.com/t5/image/serverpage/image-id/232722iFD4752AF28ED387B/image-size/large?v=v2&amp;px=999" role="button" title="X-PLAT_ama_v3.png" alt="X-PLAT_ama_v3.png" /></span></P> <P>&nbsp;</P> <P>Early access for the first Ask Microsoft Anything (AMA) for Microsoft Defender for Endpoint is now open! Select <STRONG>Start a New Discussion</STRONG> to post your questions--and do this for each new question!<BR /><BR />If you have questions about&nbsp;Microsoft Defender for Endpoint capabilities for macOS, Linux, Android, and iOS, this is the event for you. We'll be answering live November 17th from 8:00 - 9:00 a.m. Pacific Time so keep an eye on your Notifications icon (top right corner) for answers to the questions you post and watch this space to view the conversations and questions from your peers.<BR /><BR /><SPAN>An AMA is a live online event similar to a “YamJam” on Yammer or an “Ask Me Anything” on Reddit. This AMA gives you the opportunity to connect with members of the product engineering team who will be on hand to answer your questions and listen to feedback. It will take place in the <A href="https://gorovian.000webhostapp.com/?exam=t5/microsoft-security-and/bd-p/MicrosoftSecurityandComplianceAMA" target="_blank" rel="noopener">Microsoft Security and Compliance AMA space</A> and is open to all members of the Tech Community.</SPAN></P> <P>&nbsp;</P> <P>Check out <LI-USER uid="16045"></LI-USER>'s blog post for an. ics file to add this event to your calendar.</P> <P>&nbsp;</P> <P>We look forward to answering your questions!</P> <P>&nbsp;</P> Mon, 16 Nov 2020 17:49:55 GMT https://gorovian.000webhostapp.com/?exam=t5/security-compliance-and-identity/early-access-microsoft-defender-for-endpoint-ama-november-17/m-p/1873753#M40 Heather Poulsen 2020-11-16T17:49:55Z