Configuring security for organizational identities and internal devices is about to get a lot easier in Microsoft Defender for Identity while the company plans to add a new step-by-step guide to its cloud-based security solution.
According to a new post in the Microsoft 365 roadmap, the software giant will add a new step-by-step guide to Microsoft Defender for Identity this month.
The guide will verify that organizations have met all environment prerequisites and from there will help them create a Defender for Identity instance, connect to Active Directory and install their sensor. Once complete, user identities will be monitored and immediate action can be taken against any malicious activity that attempts to compromise an organization’s on-premises identities.
This feature will be available worldwide, and Microsoft will likely learn more about how it works in a blog post once it begins rolling out across organizations.
Native response actions
In one separate post In the Microsoft 365 roadmap, Microsoft revealed that it will also add native “response” actions to Microsoft Defender for Identity this month.
This new update will provide SecOps (security + operations) with the possibility of directly locking an Active Directory account or requesting the the password to reset. This will allow them to take direct action when a user is compromised.
Until now, when a user was confirmed as compromised in Microsoft Defender for Identity, the Azure Active Directory account was performed through a conditional access rule according to Microsoft.
While Microsoft Defender for Identity already provides administrators with a central location where they can identify, detect, and investigate on-premises identity-based threats, these two new features will make it easier for organizations to crush insider threats before they go. they don’t spread over their networks.
[ad_2]
Source Link