Update Identity Protection Alerts are coming to Microsoft 365 Defender

upnorth

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,469
Azure Active Directory (Azure AD) Identity Protection alerts are now part of Microsoft 365 Defender.

Identity compromise is a pivotal component in any successful attack. By taking control over a legitimate organizational account, attackers gain the ability to move around the network, access organizational resources, and compromise more accounts. With sufficient permissions in hand, attackers have the “keys to the kingdom” to finally achieve their objective – encrypting the entire network, exfiltrating emails or other confidential information, or any other malicious goals. Because of this, it is critical for defenders to have wide visibility into identity activities and gain assistance in spotting suspicious or abnormal activities. This helps defenders identify, investigate, and respond to identity compromise, stopping and evicting attackers from the network.

With the appearance of modern attackers like Nobelium, we have seen identity compromise scenarios taken to the next level - extending across the organization’s on-prem network and cloud environment.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top