Questions tagged [windows-defender]

Use with Windows Security, which was formerly called Windows Defender Security Center.

References:
Help protect my device with Windows Security

Related tag:
Windows-Security

180 questions
0 votes, 0 answers

Using Terraform to Enable Microsoft Defender for Storage on a Storage Account to scan for Malware

I'm trying to enable malware scanning using "Microsoft Defender for Storage" on a Storage Account using Terraform, but I'm not able to find out how to do it. Is it not supported in Terraform? I'm trying to enable the "On-upload malware scanning" option…
0 votes, 1 answer

How do I join all events related to a single identifier in KQL?

A single alert in 365Defender often contains several events categorized by EntityType. I'm trying to collect all data related to a unique AlertID into a single line so it can all be correlated towards other tables (Device*Events). I've tried doing…
0 votes, 0 answers

Configure WDAC Policy for Whitelisting signed installer. Win 10 Enterprise LTSB

I have a C# application with all DLLs signed and its installer generated with Advanced Installer. The installer is also signed. I need to configure the WDAC Code Integrity feature to make the installer work and also the application work. With the following steps I…
JuanDYB
0 votes, 0 answers

WDAC Status checked via C++ and Windows API

So, I have been working on a project to make a Windows Service. While doing so, I set my target for the project to check on different parts of the PC and its status. Windows Firewall, Antivirus and its health. Monitor use of folders and what not. All…
0 votes, 0 answers

How to properly deploy a VSTO Outlook plugin, signed with a code certificate, through ClickOnce for Windows Defender acceptance?

I have developed an Outlook plugin that is deployed to thousands of clients. Recently, some of our clients are having issues when we push out updates for the plugin. The update is deployed on our servers, and ClickOnce handles the rest. However, our…
0 votes, 0 answers

How to resolve LNK2001 error when compiling with WindowsDefender.h in Visual Studio 2022 Community Edition?

Windowsdefender.h LNK2001 Error on Compile Using Visual Studio 2022 Community Edition I work on doing small projects with C++, trying to build things using just C++ without C#, .Net and other tools. While doing this, I ran into a problem with…
0 votes, 0 answers

Add-MpPreference is not working on PowerShell

First, I'm a Windows user. I'm going to exclude my files with the 'Add-MpPreference' command. I'm excluding my files because I don't want Windows Defender deleting my files because my files are threatening this laptop, so I want to stop Windows…
Gavin_XXd
0 votes, 0 answers

Collect log Windows Defender for endpoint using elastic agent

How to collect logs from Windows Defender for endpoint or server using Elastic Agent? I'm already using "Microsoft Defender for Endpoint" (feature integration on Elasticsearch) but I have to create a new Azure application. So we need to collect logs only…
0 votes, 0 answers

How can I trigger detection for Microsoft-Defender/AV using a pseudo-threat?

How can I trigger the Microsoft AV to detect a file or URL as malicious using a pseudo-threat? A pseudo-threat in this case is a 'clean/safe' file but is detected by the Microsoft AV (or the AV industry as a whole) as malicious just for testing. Is…
0 votes, 0 answers

Does the 'Add-MpPreference' PowerShell command used for changing Defender settings support regular expressions in folder paths?

I have set up a Kubernetes cluster to deploy my cloud application and the application pods/services are deployed on several Windows nodes. Defender antivirus is installed on all of these nodes to scan the folders belonging to the application. Due…
0 votes, 0 answers

Word and Excel VSTO-AddIns huge startup loading time because DLLs are scanned by Windows Defender

So far we experienced this issue on different Windows Server 2016 Standard x64 systems (we use it as a terminal server) and the problem seems to exist since January/February 2023. The customers use MS Office 2016 32 Bit. Loading VSTO AddIns when…
0 votes, 0 answers

How to set Defender Exclusion in PowerShell

I need to set a folder exclusion for Defender using PowerShell. The problem is that the folder has a dot in its name ../.m2/.. (folder for IDE IntelliJ IDEA). If I am trying to create this exclusion with this command: Add-MpPreference -ExclusionPath…
rumcajs
0 votes, 0 answers

Defender KQL to show blocked Bluetooth Devices with all relevant fields

I'm trying to write a query to report on BlueToothPolicyTriggered events, that will return all the details to show when a device was blocked by policy AND the details of that device. Our BT policy basically should allow everything but block file…
0 votes, 0 answers

Identify or Ignore or Stop malicious files when copying files between Azure storage accounts using AZCopy

Scenario: Source storage account [X] can store any type of files [may be malicious] which the user uploads. Target storage account [Y] is personal and protected by Windows Defender for Cloud. We are using azcopy in PS7 to transfer files between storage…
0 votes, 0 answers

Windows Defender: Attack Surface Reduction - No Events in EventLog for some blocked actions

I have some ASR rules activated (set to Block) for my clients, like "Block process creations originating from PSExec and WMI commands" or "Block JavaScript or VBScript from launching downloaded executable content". While testing the rules it seems…
manderda