Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
Microsoft Defender for Endpoint
FIN-275
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-06 09:03
Verified
What It Detects
A device running an end-of-life operating system has not reported to Defender in over 30 days. This represents a forgotten legacy system — it runs an unsupported OS that will never receive patches, and the security agent has gone silent, meaning there is zero visibility into its current state. These devices are often the most dangerous in an environment: they exist on the network with valid credentials and connectivity but receive no security attention whatsoever.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
osPlatform
in
['Windows7', 'Windows8', 'Windows10', 'WindowsServer2008R2', 'WindowsServer2012R2', 'WindowsServer2016']
lastSeen
older_than_days
30
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum