Security alerts in Microsoft defender for Cloud
Hello All, we have received below security alert in Microsoft defender for cloud for our App service. 1) NMap scanning detected (for this we got the carrier and organization as Microsoft) 2) Vulnerability scanner detected 3) Suspicious User Agent detected Our website is Internet facing (Public facing). so, we cannot put much restriction on our app service (ex IP restriction, SSL certificate). We are unable to investigate the below alerts. we checked the log analytics workspace logs but and extracted the logs from the caller IP. but could not find much information form it we also checked there was no impact found on our webapp. 1) NMap scanning detected (for this we got the carrier and organization as Microsoft) 2) Vulnerability scanner detected 3) Suspicious User Agent detected Is there any way by which we can investigate why these alerts got generated. and what next action can be taken on this ?
Help choosing Vulnerability scanner - Microsoft TVM Vs Qualys
A client of mine has asked to provide a comparison between Microsoft TVM and Qualys so that vulnerability extension can be configured on the MDC. Only MDE TVM is supported on Virtual Machine scale Set. Qualys doesn’t support VMSS. With Qualys , the vulnerability findings only show in Defender for Cloud and not in security.microsoft.com. Are there any recommendation on choosing one of these scanners?MS Purview Compliance Manager and Defender for Cloud
How is MS Purview Compliance Manager and Defender for Cloud (regulatory compliance), which appear to do very similar if not identical functions, related? I know Compliance Manager uses MCCA/CAMP to evaluate environments, does Defender for Cloud use MCCA/CAMP as well to determine compliance? Just looking to understand the relationship, if any, between the two products.Regulatory Reports automation on multiple subscriptions
Hi Is there a way to get the Regulatory Compliance report on subscriptions (like the "Downloadable") in Microsoft Defender for Cloud, sent out pr. Email in a specified interval? as we have the option to download the report but I'm unable to find an option to automate the same.Talk to our engineers about Microsoft Defender for Cloud protection capabilities
Data Security has become top priority for organizations, greatly emphasized by the transition to cloud, rise in privacy and regulatory legislations, and Intellectual Property needs. Organizations look for Data Security technologies to address data security risks and to protect their data in an ever growing and complex eco-system of devices, platform, locations, and data asset types. The Cloud Data Security (CDS) product team is developing new capabilities in Microsoft Defender for Cloud that enhances data security posture management based on data sensitivity and data risk. We are currently collecting customer’s input on data protection capabilities for structured and unstructured data and would like to speak with customers interested in protecting their data in the cloud. During this conversation, you will be speaking directly with the Cloud Data Security engineering group regarding cloud data protection needs for structured and unstructured data such as data loss prevention, encryption, tokenization, masking, and access policies. Your input is important and will help influence the design and development of key features. If are interested in talking to our Cloud Data Security Engineering team about protection capabilities within Microsoft Defender for Cloud, please fill out this form --> https://aka.ms/MDFCDataProtectionassign default initiative not showing
Hi Trying to Creating default initiative, but its not showing under default (after several hours) When Assigning there's this notification: Creating initiative assignment succeeded Creating initiative assignment 'Azure Security Benchmark' in 'sub1' was successful. Please note that the assignment takes around 30 minutes to take effect.Unable to add Compliance Policy
I have enable my Global Admin role in PIM, when I try to add the Audit CIS Microsoft Azure Foundations Benchmark 1.1.0 standard, I get an error You cannot perform this action without the following permissions over selected scope (Microsoft.Authorization/PolicyAssignments/write) When I search for this permission, I can't find anything about a Write method for the PolicyAssignments. Any idea what would be causing this or how I investigate?Survey: Endpoint Protection!
Hi Everyone, we need your feedback! Microsoft is actively investing in expanding endpoint protection in Azure Security Center. This is your opportunity to influence our thinking and priorities in where to invest. Here's the link to the quick, 3 question, feedback form asking your opinion on a few topics. Note: No personal information is collected in this feedback form. Thank you!
