![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 33%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
255 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Hi AzureAdmin,
One reason an unauthorized file might not be detected is if it is included in the antivirus (AV) exclusions. We do not recommend setting antivirus exclusions unless absolutely necessary. and here are some common mistakes to avoid.
Additionally, if your server is onboarded to Microsoft Defender for Endpoint (MDE), I suggest confirming the health status of your server on Defender. Any alerts generated would be a good starting point for troubleshooting.
In the event this is a false positive - Please follow the steps outlined here - https://learn.microsoft.com/en-us/defender-endpoint/defender-endpoint-false-positives-negatives
Finally, do raise a support ticket if further investigation is needed:
If none of this works, raising a support ticket is the recommended route. To Raise a support Ticket:
- Go to the Azure Portal.
- Click on the Help + support option in the left-hand menu.
- Select New support request.
- Follow the prompts to create a support ticket explaining your issue.
If you find the answer above helpful, please Accept the answer to help anyone in the community who might have a similar question to quickly find the solution.