Microsoft Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Microsoft Defender

      Defender Device Security Alert Queue

      This guide will show an administrator how to access the endpoint alert queue where generated malicious or suspicious activity affecting an entity has been detected.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Defender for Device Alert Queue

      1. Navigate to the Alerts – Microsoft Defender Verify that the Date dropdown is set to 1 week, then locate and select the Add filter button. From the Add Filter dropdown, locate and select the Service/Detection Sources. Set the Status filter to New, In Progress and the Service/Detection Sources to Microsoft Defender for Endpoint.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.