Hybrid Identity Threat Investigation Experience


[MUSIC].>>As the modern
workplace transforms, identity attacks are growing exponentially across
on-premises and in the cloud, spanning endpoints and applications. Security teams must monitor user activities across
all identity attack surfaces, often using multiple
security solutions. Because identity
protection is paramount, investigating
identity threats requires a single monitoring and
hunting experience, enabling rapid and effective triage. Which is why Microsoft is providing a new Identity Threat
Investigation Experience: A deep integration between Azure
Advanced Threat Protection, Microsoft Cloud App Security, and Azure AD Identity Protection. Azure ATP leverages
on-premises detections and activities with
abnormal behavior analytics, to assist in investigating
the most at-risk users. Microsoft Cloud App Security
detects and alerts security analysts on
activities across Microsoft and third-party cloud apps. And Azure AD Identity Protection
detects risky sign-in information, implementing conditional access on the compromised user until
the issue is resolved. Microsoft analyzes
the activity and alerts based on user and entity behavior
analytics to determine risky behaviors and provide you an investigation priority
score to streamline incident response for
compromised identities. With the Identity Threat
Investigation Experience, you can investigate
identity activities across on-prem and in the cloud, correlate insights from a wide array of signals and user telemetry, and prioritize investigations based on user and entity
behavior analytics, so the greatest threats to your organization can
be shut down first. Sign up for a Microsoft Threat
Protection trial today. [MUSIC].

Daniel Ostrander

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *