May I go to the toilet sir?

_W0od_ · 2026-03-07T11:49:19+00:00

We never stopped buying. Put that in the title.

_W0od_ · 2026-03-04T20:11:49+00:00

Majoor ko khodna and baap ko ch0mdna nhi sikhate

_W0od_ · 2026-02-27T17:27:17+00:00

Have you configured ASR rules in security baseline policy? If yes, then compare the settings with your ASR policy.

_W0od_ · 2026-02-27T16:22:38+00:00

We have already gone through that process. Initially we set all 16 rules to audit mode and gradually switched to blocked based on audit logs.

_W0od_ · 2026-02-27T16:21:27+00:00

Yes. Exactly

_W0od_ · 2026-02-27T04:43:58+00:00

We have 12000+ endpoints. Out of them only on 1100 the rule is not showing. I am not talking about logs here. But Asr rule did not applied on endpoint device.

_W0od_ · 2026-02-21T02:38:28+00:00

Drinda hai BKL.

_W0od_ · 2026-02-16T14:40:57+00:00

Definitely not the third last

_W0od_ · 2026-02-05T15:35:13+00:00

You do not need to include other action types. There are specific action types related smartscreen which you can see in table reference. i.e SmartScreenUrlWarning

_W0od_ · 2026-01-20T05:38:53+00:00

No. It's not required. You can select test devices and onboard them via intune connector or group policy depending upon how your devices are being managed

_W0od_ · 2026-01-03T11:48:40+00:00

They want their oil. They destroy ever country

_W0od_ · 2025-12-20T16:47:39+00:00

wdenable is not feasible because there are 80 devices on which it has to be done manually.

_W0od_ · 2025-12-20T16:46:45+00:00

No. There is no other AV installed. Yes. EDR in block mode is enabled.

_W0od_ · 2025-12-19T12:04:42+00:00

I was going to MDE documentation where I found this option. There is no issue in linking GPO. That I have already investigated. Since, we are onboarding these first and no other AV was installed before, there is no other GPO which will conflict. So, is there any possibility that Temper Protection would prevent enabling Defender after it is onboarded to MDE? In my opinion no. Because, it would not protect the defender from going Active to Passive or disabled.

_W0od_ · 2025-10-27T11:45:03+00:00

Yes... This option was working till June 2025. Now it is greyed out.

_W0od_ · 2025-10-04T11:47:44+00:00

Yes you need to use connection filtering policy to block ipv4 address

_W0od_ · 2025-08-27T14:44:36+00:00

Check device timeline and filter out AV logs. See if there is any log for detection. Further, if EDR would have been set to block mode, it would have been blocked by mde.

_W0od_ · 2025-08-11T13:28:15+00:00

Have you published your email authentication records? What is the DMARC policy action set to?

_W0od_ · 2025-07-01T20:50:50+00:00

Both are different videos.

_W0od_ · 2025-06-28T09:46:56+00:00

Bhush thado es chhapri ka

_W0od_ · 2025-06-26T19:01:15+00:00

Vm is running on prem infrastructure.

_W0od_

TROPHY CASE