MC797115 – Microsoft Defender for Identity: “Honeytoken was queried via SAM-R alert” retires June 30, 2024 (archived)

Admin impact, Major update, Retirement

check before: 2024-06-30

Product:

Defender, Defender for Identity, Defender XDR

Platform:

World tenant

Status:

Change type:

Admin impact, Retirement

Links:

Details:

Summary:
The "Honeytoken was queried via SAM-R" feature in Microsoft Defender for Identity will retire on June 30, 2024. Users should use advanced hunting queries for custom detection. After retirement, alerts for honeytoken queries using SAM-R protocol will stop. Users need to prepare by adapting to the recommended query method.

Details:
We will be retiring the feature Honeytoken was queried via SAM-R from Microsoft Defender for Identity on June 30, 2024. Instead, we recommend using hunting activities to generate custom detection when required.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2024-05-31

updated:
2024-05-31

Task Type

XXXXXXX ...

Docu to Check

XXXXXXX ...

MS How does it affect me

XXXXXXX ...

MS Preperations

XXXXXXX ...

MS Urgency

XXXXXXX ...

MS workload name

XXXXXXX ...

** AI generated content. This information is not reliable.

the free basic plan is required to see all details. Sign up here

Last updated 10 months ago

MC1060476 - Microsoft Defender XDR services: Deploy… 23. April 2025 Administration check before: 2025-04-23 Product: Defender, Defender for Identity, Defender XDR, Entra Platform: Online, US Instances, World tenant Status: Change type: Admin impact, New feature, Updated message Links: Details: Summary: Deploy the new Defender for Identity…
MC1023484 - (Updated) Microsoft Defender for… 5. March 2025 Administration check before: 2025-03-15 Product: Defender, Defender for Identity, Defender XDR, Entra Platform: Online, US Instances, World tenant Status: Change type: Admin impact, Feature update, Updated message Links: Details: Summary: Microsoft is updating Microsoft Secure Score…
MC1045211 - Microsoft Viva Engage: Private content… 1. April 2025 Administration check before: 2025-06-30 Product: eDiscovery, Entra, Microsoft 365 admin center, Microsoft 365 Groups, Microsoft Viva, Microsoft Viva Engage, Teams Platform: Online, Web, World tenant Status: Change type: User impact, Admin impact, Retirement Links: Details: Summary:…
MC1027793 - 30-day notice: Manage PAC Validation… 11. March 2025 Administration check before: 2025-04-01 Product: Office 365 general Platform: Online, World tenant Status: Change type: Admin impact Links: Details: Last year, Windows updates released on or after April 9, 2024 added new behaviors that start the…
MC1050817 - Immediate Action: Enforce PAC Validation… 9. April 2025 Administration check before: 2025-04-01 Product: Office 365 general Platform: Online, World tenant Status: Change type: Admin impact Links: Details: Last year, Windows updates released on and after April 9, 2024 added new behaviors that start the…
MC1019307 - Microsoft Defender XDR services: New… 28. February 2025 Administration check before: 2025-03-01 Product: Defender, Defender XDR Platform: Online, US Instances, World tenant Status: Change type: Feature update, Admin impact Links: Details: Summary: New LDAP query events will be added to the IdentityQueryEvents table in…

You must be logged in to post a comment.

Share to MS Teams

MC797115 – Microsoft Defender for Identity: “Honeytoken was queried via SAM-R alert” retires June 30, 2024 (archived)

check before: 2024-06-30

Related Posts:

Leave a Reply

cloudscout.one

Schierding.one GmbH

become an evergreen hero

Hey there! We've got some great news - our Basic Plus plan has everything you need to succeed, and it's completely free! So, don't hesitate - take advantage of this amazing opportunity today!

Welcome Back, We Missed You!