LetsDefend Monitoring Alert

Microsoft Defender Real-Time Protection Was Disabled

May, 31, 2023, 09:14 AM

Event ID: 154

Event Time: May, 31, 2023, 09:14 AM

Rule Name: SOC203 - Microsoft Defender Real-Time Protection Was Disabled

Alert Type: Malware

MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter,
T1110 - Credential Access - Brute Force,
T1133 - Initial Access - External Remote Services,
T1555 - Credential Access - Credentials from Password Stores

Severity: High

Incident Responder
