Title: Users may encounter delays of up to four hours for some alerts and behaviors in Microsoft Defender for Cloud Apps
User impact: Users may encounter delays of up to four hours for some alerts and behaviors in Microsoft Defender for Cloud Apps.
Final status: We’ve monitored the section of infrastructure responsible for regulating alerts and behaviors to ensure that the manual restart process was effective in alleviating impact. Our analysis has shown that service has been restored and that the delays are no longer present.
Scope of impact: Impact was specific to all activities generated by the Microsoft Defender for Cloud Apps service for Anomaly Threat Detection alerts, and any user may have encountered delays in alerts and behaviors of up to four hours.
Start time: Wednesday, February 28, 2024, at 10:00 AM UTC
End time: Wednesday, February 28, 2024, at 5:25 PM UTC
Root cause: A section of infrastructure responsible for regulating alerts and behaviors in Anomaly Threat Detection for the Microsoft Defender for Cloud Apps service was performing below acceptable thresholds, causing alerts and behaviors to be delayed.
Next steps:
– We’re analyzing the telemetry from this incident further to take proactive steps to ensure the expected level of performance from the section of infrastructure.
This is the final update for the event.
