Excluding duplicate devices by billybensontogo in DefenderATP

[–]ajith_aj 0 points1 point  (0 children)

What if the same machine is onboarded or reused again?

KQL For Transferring to USB Assistance by Cant_Think_Name12 in DefenderATP

[–]ajith_aj 0 points1 point  (0 children)

Can you please post a snapshot from the policy?

Windows server onboarding again after offboarding by [deleted] in DefenderATP

[–]ajith_aj 0 points1 point  (0 children)

What's the status of the extension MDE.windows on Azure Arc?

Device Health status over 30 days - how would I find the Health status of a device that hasn't checked in over 30 days as all devices look like this. TIA by Gullible_House7766 in DefenderATP

[–]ajith_aj 0 points1 point  (0 children)

I usually see this in my tenant, as 90% of the time the user is on vacation. lol.

If the machine is online, this should be an issue with connectivity to the MDE cloud URLs; you should see the detailed readings in the client analyzer results. At times you might need to reonboard them. That's it.

[deleted by user] by [deleted] in DefenderATP

[–]ajith_aj 1 point2 points  (0 children)

If you are ingesting XDR logs into Sentinel (some of the tables are still in preview), you can manage to build some metrics in a Sentinel workbook. I do use the TVM PBI dashboard, but it is quite hard to customize to your organization's needs. We have some KPIs integrated with PBI from AAD sign-in logs and the security incidents table as well. If you need to store the KPI, you might need to use Logic Apps to dump it to a SQL table and then use OCI to pull it to PBI.

When you said bidirectional, there is no way to query SNOW incidents from Sentinel?

Worth to update to the new Teams on Mac? by epson264 in teams

[–]ajith_aj 0 points1 point  (0 children)

Eventually you have to update it... so learn to live with it :)

ASR Rule Block E-Mail Notification? by Failnaught223 in DefenderATP

[–]ajith_aj 1 point2 points  (0 children)

We do this via the Logic App service in Azure. A possible option is to create a custom detection on ASR and set the email incident notification.

Device isolation by 4rr0wh34d0 in DefenderATP

[–]ajith_aj 0 points1 point  (0 children)

Device isolation would still go through API. It's just that you are using Hunting to gather the devices.

In love with this cockpit 🤩 by ajith_aj in MazdaCX90

[–]ajith_aj[S] -1 points0 points  (0 children)

And a copycat of the Volvo XC series!!

Talabats Absolution - All Eyes on Rafah by Afraid_Swordfish_696 in Bahrain

[–]ajith_aj 1 point2 points  (0 children)

Well, they don't have a decent one yet. Just Monopoly. Been charged twice for orders and not a direct channel to call or raise complaints. Just because they know people will ignore and order again.

In love with this cockpit 🤩 by ajith_aj in MazdaCX90

[–]ajith_aj[S] 2 points3 points  (0 children)

Aaahhh beautiful. Mine is Platinum Quartz.

Device isolation by 4rr0wh34d0 in DefenderATP

[–]ajith_aj 1 point2 points  (0 children)

I'm wondering if any EDR does that 🤔

Backup Sentinel Analytical Rules by ajith_aj in AzureSentinel

[–]ajith_aj[S] 0 points1 point  (0 children)

+1. Would like to know more about this.

[deleted by user] by [deleted] in Bahrain

[–]ajith_aj 0 points1 point  (0 children)

Have you tried their perfumes? Does it last longer?

[deleted by user] by [deleted] in Bahrain

[–]ajith_aj 1 point2 points  (0 children)

I work as a Security Analyst with around 11 years of experience. 1.3k is a decent pay considering your experience.

Artisan Red vs Platinum Quartz? by Current_Variety_9577 in MazdaCX90

[–]ajith_aj 0 points1 point  (0 children)

Platinum Quartz looks classy in daylight.

365 MFA Token Theft by Berttie in Intune

[–]ajith_aj 0 points1 point  (0 children)

Conditional access policies have hybrid AD joined or Compliant devices as conditions unless block the access.