Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
Microsoft Defender for Endpoint
FIN-238
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-06 09:04
Verified
What It Detects
The Microsoft Defender for Endpoint sensor on this device reports an Inactive health status. The sensor is not sending telemetry or responding to cloud commands, leaving the endpoint unprotected by EDR capabilities.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
healthStatus
equals
Inactive
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum