Query: MS Defender for Endpoint for Servers - Attack Surface Reduction

Stephan G · ‎03-22-2022

Hi everyone,

i recently audit "Block credential stealing from the Windows local security authority, subsystem (lsass.exe)" on my servers. And after i hunted - i get quite often the process AMS.EXE, hpqams.exe, cqmghost.exe that would be blocked.

Anyone got some experience with this? MS wants do block it by default - i don't want be suprised

Thanks Stephan

support_s · ‎03-22-2022

System recommended content:

1. ClearPass Integration Guide Microsoft Defender ATP v2020-01

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

Thank you for being a HPE valuable community member.

Categories

Company

Local Language

Forums

Discussions

Knowledge Base

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Query: MS Defender for Endpoint for Servers - Attack Surface Reduction

MS Defender for Endpoint for Servers - Attack Surface Reduction

Query: MS Defender for Endpoint for Servers - Attack Surface Reduction