MT.1162 - Cloud Extended Timeout should be 30-50 seconds
Overview
Checks that the cloud extended timeout is configured between 30-50 seconds in all assigned Microsoft Defender Antivirus policies.
Insufficient cloud timeout may prevent thorough analysis of suspicious files, allowing potentially malicious content to bypass cloud-based detection.
Remediation action:
- Open Microsoft Endpoint Manager > Endpoint Security > Antivirus
- Edit the relevant Microsoft Defender Antivirus policy
- Set Cloud Extended Timeout to 30-50 seconds
Related links
Test Metadata
| Field | Value |
|---|---|
| Test ID | MT.1162 |
| Severity | High |
| Suite | Maester |
| Category | Defender |
| PowerShell test | Test-MtMdeCloudExtendedTimeout |
| Tags | Defender, Maester, MT.1162 |
Source
- Pester test:
tests/Maester/Defender/Test-MtMdeAntivirusPolicy.Tests.ps1 - PowerShell source:
powershell/public/maester/defender/Test-MtMdeCloudExtendedTimeout.ps1