Windows defender security center5/2/2023 There are different options to authenticate to the security center API and MS Graph and assign permissions, but I prefer an Azure Managed Identity. To retrieve information from the Microsoft Defender and Azure AD via APIs we need to have permission to perform the job. ![]() Requirementsįor this solution, we have some requirements. The report we can create in this flow is sent via e-mail. We need to retrieve the registered owner of a device (so we know the e-mail address to which we need to send the report), which is possible using Microsoft Graph and also with an HTTP action. We can query this information using HTTP actions in a Logic Apps flow. We can retrieve the devices with their recommendations via the WindowsDefenderATP API. The solution can be easily deployed with Bicep files, which can be found on my GitHub repo. Let’s have a look at how we can send this report and what the requirements are. If we can grab that information and filter out the software updates (or you might want to send a report with all the recommendations, you don’t filter anything out), we can create a simple report and send that to the owner of the device. In the Microsoft 35 Defender portal, we have information available on software that needs an update under the Security recommendations section of every device. STEP 4: Reset your web browser to its original settings to remove the Windows Defender Security Center tech support scam. STEP 3: Use AdwCleaner to remove adware and malicious browser policies. To make these users aware of the outdated applications on their devices, I wanted to send them a report once in a while. STEP 2: Use HitmanPro to scan your computer for Windows Defender Security Center tech support scam and other malware. But the applications which are installed by the user themselves, are most likely not (updated by the IT organization). ![]() The applications which are deployed by the IT organization are most likely updated by the IT organization on a regular basis. ![]() The thought behind sending such a report to the end-user is that a company has users with local administrator permissions (developers for example) on their (Windows) device and these users install applications that are not maintained by the IT organization. Today’s blog post is about sending a report to end-users with a report of the security recommendations from the Microsoft 365 Defender security portal.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |