Microsoft Defender for Identity is a cloud-based security solution that can identify attack signals in Active Directory. The solution leverages traffic analytics and user behavior analytics on domain controllers and AD FS servers to prevent attacks by providing security posture assessments. Additionally, it helps expose vulnerabilities and lateral movement exploitation paths.
Brandon Lee has been in the IT industry 15+ years and focuses on networking and virtualization. He contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.
Latest posts by Brandon Lee (see all)
Contents of this article
Microsoft Defender for Identity has its roots in Azure, as well as in the former Advanced Threat Protection (Azure ATP). Therefore, organizations do not have to house the security solution on-premises aside from the sensor installed on the domain controllers. It is helpful to provide clear steps to resolve misconfigurations.
Microsoft Defender for Identity helps boost cybersecurity posture in the following four security pillars:
Support the originator by clicking the read the rest link below.