MC797115 – Microsoft Defender for Identity: “Honeytoken was queried via SAM-R alert” retires June 30, 2024 (archived)

cloudscout.one Icon

check before: 2024-06-30

Product:

Defender, Defender for Identity, Defender XDR

Platform:

World tenant

Status:

Change type:

Admin impact, Retirement

Links:

Details:

Summary:
The "Honeytoken was queried via SAM-R" feature in Microsoft Defender for Identity will retire on June 30, 2024. Users should use advanced hunting queries for custom detection. After retirement, alerts for honeytoken queries using SAM-R protocol will stop. Users need to prepare by adapting to the recommended query method.

Details:
We will be retiring the feature Honeytoken was queried via SAM-R from Microsoft Defender for Identity on June 30, 2024. Instead, we recommend using hunting activities to generate custom detection when required.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2024-05-31

updated:
2024-05-31

Task Type

XXXXXXX ...

Docu to Check

XXXXXXX ...

MS How does it affect me

XXXXXXX ...

MS Preperations

XXXXXXX ...

MS Urgency

XXXXXXX ...

MS workload name

XXXXXXX ...

** AI generated content. This information is not reliable.

the free basic plan is required to see all details. Sign up here


Last updated 4 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!