I have a WDAC policy running and have been testing out enforced mode. The machines this will eventually go on cannot have notifications going to the u ...
I am researching a little bit about MDE/MDO's API capabilities for advanced threat hunt. My question is: Is it possible to KQL querying MDE/MDO’s A ...
I wasn't terribly sure what website to ask this question on, but since it primarily deals with the development/distribution process I chose to ask it ...
Dear Stack Overflow Community! I've got a question concerning Windows Defender, Attack Surface Reduction and Endpoint Device Manager. To prevent LNK ...
I have a .NET Core API on a Windows Server 2019 VPS. It's been two days now; as and when a request comes to the API, 'Antimalware Service Executable' kicks in to ...
Is it possible to prevent the download and execution of files with a .exe extension using 365? I've searched across Endpoint Manager, Defender for End ...
I need to know when an update, detecting with Wuapilib, is of type Definition updates (like Defender updates). Using ICategory interface of Wuapilib I ...
I'm attempting to use this URI to find a specific machine ID so then we can query for the most recent logged on user. When I run this I get an output ...
According to https://learn.microsoft.com/en-us/windows/win32/services/protecting-anti-malware-services- "any non-Windows DLLs that get loaded into the ...
I am trying to create a custom query on the Microsoft Defender advanced hunting platform that scans the device for a specific extension. I tried these que ...
I'm experimenting with some options for an endpoint pen-testing lab for a Windows environment, and Docker seems like a pretty light-weight and easily ...
I have a software integration program that will launch other applications. A recent Windows 10 update has resulted in the calling application locking ...
I have an issue with VS Code and WSL remote extension. On my machine, Windows Defender Firewall blocked node. I do not have sufficient rights to unblo ...
I'm applying WDAC using commands. When I have enforced mode I try changing it to enforced mode but it doesn't work without the reboot with the Rule 16 ...
I'm trying to build my HarmonyOS app. It was working fine when suddenly Windows Defender gave me a message that it had found a threat, and directly af ...
For some reason, the Windows Defender event log, as visible through the Windows Event Viewer application, has stopped receiving new events. Previously, ...
I'm very new to PowerShell and I have a question in regard to Microsoft Intune and PowerShell. I have this GetMPComputerStatus|select AMRunning to che ...
I'm currently configuring Windows Defender on Windows 10 setting up such that only restricted apps can be run. In one of the allowed apps, I want to ...