Latest Posts

Microsoft Defender for Identity

Microsoft Defender for Identity

  • Formerly it was known as - Azure Advanced Threat Protection
  • This Azure service protects your hybrid environments from different types of external as well as insider cyber-attacks.
  • This cloud service uses your on-premises Active Directory signals to identify, detect and investigate compromised identities, advanced threats, and malicious insider actions directed at your organization.
  • Defender for Identity enables security admins to:
    • Monitor users, their behavior, and their activities.
    • Protect user identities and credentials stored in Active Directory.
    • Identify and Investigate suspicious user activities.
    • Clear-cut issue information for fast triage.
  • Defender for Identity identifies rogue users who are trying to search for information like username, IP address, users’ group memberships, using different methods.
  • This service will identify the cases where attackers are trying to use brute force attacks, failed authentication attempts, user group membership changes, etc.…
  • It detects the lateral movements inside the network to get control of sensitive users, any attempt of using methods like Pass the Ticket, Pass the Hash, Overpass the Hash, and more.
  • This service highlights domain dominance attacks like code execution on the domain controller, domain controller replication, golden ticket activities, and more…
  • This service reduces unnecessary alerts, and it provides only relevant important security alerts.

We value your Feedback:

Page URL:







Microsoft Defender for Identity
© 2024 Code SharePoint